AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-26 04:22:36 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
dff20fb279
linux_dsm_epyc7002/arch/sparc/lib
History
Al Viro fdd97c4568 sparc32: fix a user-triggerable oops in clear_user() 
commit 7780918b36489f0b2f9a3749d7be00c2ceaec513 upstream.

Back in 2.1.29 the clear_user() guts (__bzero()) had been merged
with memset().  Unfortunately, while all exception handlers had been
copied, one of the exception table entries got lost.  As the result,
clear_user() starting at 128*n bytes before the end of page and
spanning between 8 and 127 bytes into the next page would oops when
the second page is unmapped.  It's trivial to reproduce - all
it takes is

main()
{
	int fd = open("/dev/zero", O_RDONLY);
	char *p = mmap(NULL, 16384, PROT_READ|PROT_WRITE,
			MAP_PRIVATE|MAP_ANON, -1, 0);
	munmap(p + 8192, 8192);
	read(fd, p + 8192 - 128, 192);
}

which had been oopsing since March 1997.  Says something about
the quality of test coverage... ;-/  And while today sparc32 port
is nearly dead, back in '97 it had been very much alive; in fact,
sparc64 had only been in mainline for 3 months by that point...

Cc: stable@kernel.org
Fixes: v2.1.29
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-03-04 11:38:43 +01:00
..
ashldi3.S
ashrdi3.S
atomic32.c atomics/treewide: Rename __atomic_add_unless() => atomic_fetch_add_unless() 2018-06-21 14:22:32 +02:00
atomic_64.S
bitext.c
bitops.S
blockops.S
bzero.S
checksum_32.S sparc32: propagate the calling conventions change down to __csum_partial_copy_sparc_generic() 2020-08-20 15:45:19 -04:00
checksum_64.S
clear_page.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
cmpdi2.c
copy_in_user.S
copy_page.S mm: introduce include/linux/pgtable.h 2020-06-09 09:39:13 -07:00
copy_user.S
csum_copy_from_user.S sparc64: propagate the calling convention changes down to __csum_partial_copy_...() 2020-08-20 15:45:21 -04:00
csum_copy_to_user.S sparc64: propagate the calling convention changes down to __csum_partial_copy_...() 2020-08-20 15:45:21 -04:00
csum_copy.S [regression fix] really dumb fuckup in sparc64 __csum_partial_copy() changes 2020-12-08 16:37:47 -05:00
divdi3.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 14 2019-05-21 11:28:45 +02:00
ffs.S
fls64.S
fls.S
GENbzero.S
GENcopy_from_user.S
GENcopy_to_user.S
GENmemcpy.S
GENpage.S
GENpatch.S
hweight.S sparc64: repair calling incorrect hweight function from stubs 2017-12-27 20:29:48 -05:00
iomap.c
ipcsum.S
libgcc.h
locks.S
lshrdi3.S
M7copy_from_user.S
M7copy_to_user.S
M7memcpy.S
M7memset.S
M7patch.S
Makefile
mcount.S
memcmp.S
Memcpy_utils.S
memcpy.S
memmove.S
memscan_32.S
memscan_64.S
memset.S sparc32: fix a user-triggerable oops in clear_user() 2021-03-04 11:38:43 +01:00
muldi3.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 14 2019-05-21 11:28:45 +02:00
multi3.S
NG2copy_from_user.S
NG2copy_to_user.S
NG2memcpy.S
NG2patch.S
NG4clear_page.S sparc64: Add missing newline at end of file 2019-07-09 14:53:57 -07:00
NG4copy_from_user.S
NG4copy_page.S
NG4copy_to_user.S
NG4fls.S
NG4memcpy.S
NG4memset.S
NG4patch.S
NGbzero.S
NGcopy_from_user.S
NGcopy_to_user.S
NGmemcpy.S
NGpage.S
NGpatch.S
PeeCeeI.c
strlen.S
strncmp_32.S
strncmp_64.S
U1copy_from_user.S
U1copy_to_user.S
U1memcpy.S
U3copy_from_user.S
U3copy_to_user.S
U3memcpy.S
U3patch.S
ucmpdi2.c
udivdi3.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 14 2019-05-21 11:28:45 +02:00
VISsave.S
xor.S