Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
x86: shadow stacks: proper error handling for mmap lock
김영민 reports that shstk_pop_sigframe() doesn't check for errors from
mmap_read_lock_killable(), which is a silly oversight, and also shows
that we haven't marked those functions with "__must_check", which would
have immediately caught it.
So let's fix both issues.
Reported-by: 김영민 <osori@hspace.io>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Acked-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+5
-4
+2
-1
arch/x86/kernel/shstk.c
+2
-1
arch/x86/kernel/shstk.c
···
351
351
need_to_check_vma = PAGE_ALIGN(*ssp) == *ssp;
352
352
353
353
if (need_to_check_vma)
354
-
mmap_read_lock_killable(current->mm);
354
+
if (mmap_read_lock_killable(current->mm))
355
+
return -EINTR;
355
356
356
357
err = get_shstk_data(&token_addr, (unsigned long __user *)*ssp);
357
358
if (unlikely(err))
+3
-3
include/linux/mmap_lock.h
+3
-3
include/linux/mmap_lock.h
···
546
546
__mmap_lock_trace_acquire_returned(mm, true, true);
547
547
}
548
548
549
-
static inline int mmap_write_lock_killable(struct mm_struct *mm)
549
+
static inline int __must_check mmap_write_lock_killable(struct mm_struct *mm)
550
550
{
551
551
int ret;
552
552
···
593
593
__mmap_lock_trace_acquire_returned(mm, false, true);
594
594
}
595
595
596
-
static inline int mmap_read_lock_killable(struct mm_struct *mm)
596
+
static inline int __must_check mmap_read_lock_killable(struct mm_struct *mm)
597
597
{
598
598
int ret;
599
599
···
603
603
return ret;
604
604
}
605
605
606
-
static inline bool mmap_read_trylock(struct mm_struct *mm)
606
+
static inline bool __must_check mmap_read_trylock(struct mm_struct *mm)
607
607
{
608
608
bool ret;
609
609