Skip to content

L
linux
Commit df04abfd authored by Jiri Olsa's avatar Jiri Olsa Committed by Linus Torvalds
Browse files
Options

fs/proc/kcore.c: Add bounce buffer for ktext data 

We hit hardened usercopy feature check for kernel text access by reading
kcore file:

  usercopy: kernel memory exposure attempt detected from ffffffff8179a01f (<kernel text>) (4065 bytes)
  kernel BUG at mm/usercopy.c:75!

Bypassing this check for kcore by adding bounce buffer for ktext data.
Reported-by: default avatarSteve Best <sbest@redhat.com>
Fixes: f5509cc1 ("mm: Hardened usercopy")
Suggested-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
Acked-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f5beeb18
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 1 deletion
fs/proc/kcore.c
View file @ df04abfd
......@@ -509,7 +509,12 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos)
if (kern_addr_valid(start)) {
unsigned long n;
n = copy_to_user(buffer, (char *)start, tsz);
/*
* Using bounce buffer to bypass the
* hardened user copy kernel text checks.
*/
memcpy(buf, (char *) start, tsz);
n = copy_to_user(buffer, buf, tsz);
/*
* We cannot distinguish between fault on source
* and fault on destination. When this happens
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7