diff options
author | Maciej W. Rozycki <macro@imgtec.com> | 2016-03-03 20:42:49 -0500 |
---|---|---|
committer | Ralf Baechle <ralf@linux-mips.org> | 2016-03-04 16:52:32 -0500 |
commit | e723e3f7f9591b79e8c56b3d7c5a204a9c571b55 (patch) | |
tree | 24f595ea619d1febe04a97e97ea8536bdb11ed92 | |
parent | 887349f69f37e71e2a8bfbd743831625a0b2ff51 (diff) |
MIPS: traps: Fix SIGFPE information leak from `do_ov' and `do_trap_or_bp'
Avoid sending a partially initialised `siginfo_t' structure along SIGFPE
signals issued from `do_ov' and `do_trap_or_bp', leading to information
leaking from the kernel stack.
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
Cc: stable@vger.kernel.org
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-rw-r--r-- | arch/mips/kernel/traps.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/arch/mips/kernel/traps.c b/arch/mips/kernel/traps.c index ae790c575d4f..bf14da9f3e33 100644 --- a/arch/mips/kernel/traps.c +++ b/arch/mips/kernel/traps.c | |||
@@ -690,15 +690,15 @@ static int simulate_sync(struct pt_regs *regs, unsigned int opcode) | |||
690 | asmlinkage void do_ov(struct pt_regs *regs) | 690 | asmlinkage void do_ov(struct pt_regs *regs) |
691 | { | 691 | { |
692 | enum ctx_state prev_state; | 692 | enum ctx_state prev_state; |
693 | siginfo_t info; | 693 | siginfo_t info = { |
694 | .si_signo = SIGFPE, | ||
695 | .si_code = FPE_INTOVF, | ||
696 | .si_addr = (void __user *)regs->cp0_epc, | ||
697 | }; | ||
694 | 698 | ||
695 | prev_state = exception_enter(); | 699 | prev_state = exception_enter(); |
696 | die_if_kernel("Integer overflow", regs); | 700 | die_if_kernel("Integer overflow", regs); |
697 | 701 | ||
698 | info.si_code = FPE_INTOVF; | ||
699 | info.si_signo = SIGFPE; | ||
700 | info.si_errno = 0; | ||
701 | info.si_addr = (void __user *) regs->cp0_epc; | ||
702 | force_sig_info(SIGFPE, &info, current); | 702 | force_sig_info(SIGFPE, &info, current); |
703 | exception_exit(prev_state); | 703 | exception_exit(prev_state); |
704 | } | 704 | } |
@@ -874,7 +874,7 @@ out: | |||
874 | void do_trap_or_bp(struct pt_regs *regs, unsigned int code, | 874 | void do_trap_or_bp(struct pt_regs *regs, unsigned int code, |
875 | const char *str) | 875 | const char *str) |
876 | { | 876 | { |
877 | siginfo_t info; | 877 | siginfo_t info = { 0 }; |
878 | char b[40]; | 878 | char b[40]; |
879 | 879 | ||
880 | #ifdef CONFIG_KGDB_LOW_LEVEL_TRAP | 880 | #ifdef CONFIG_KGDB_LOW_LEVEL_TRAP |
@@ -903,7 +903,6 @@ void do_trap_or_bp(struct pt_regs *regs, unsigned int code, | |||
903 | else | 903 | else |
904 | info.si_code = FPE_INTOVF; | 904 | info.si_code = FPE_INTOVF; |
905 | info.si_signo = SIGFPE; | 905 | info.si_signo = SIGFPE; |
906 | info.si_errno = 0; | ||
907 | info.si_addr = (void __user *) regs->cp0_epc; | 906 | info.si_addr = (void __user *) regs->cp0_epc; |
908 | force_sig_info(SIGFPE, &info, current); | 907 | force_sig_info(SIGFPE, &info, current); |
909 | break; | 908 | break; |