authorEric W. Biederman <ebiederm@xmission.com>2005-10-30 18:02:08 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2005-10-30 20:37:18 -0500
commita92897286485735e3708af357f8bcaf0592bd77a (patch)
tree698e4623bdc794462c270ee3e5ef549503593f4a /arch/mips
parentdfc4f94d2ff95fc92127d3e512c1df7cab274fb8 (diff)
[PATCH] Don't uselessly export task_struct to userspace in core dumps
task_struct is an internal structure to the kernel with a lot of good information that is probably interesting in core dumps. However, there is no way for user space to know what format that information is in, making it useless. I grepped the GDB 6.3 source code and NT_TASKSTRUCT, while defined, is not used anywhere else. So I would be surprised if anyone notices it is missing. In addition, exporting kernel pointers to all the interesting kernel data structures sounds like the very definition of an information leak. I haven't a clue what someone with evil intentions could do with that information, but in any attack against the kernel it looks like this is the perfect tool for aiming that attack. So since NT_TASKSTRUCT is useless as currently defined and is potentially dangerous, let's just not export it. (akpm: Daniel Jacobowitz <dan@debian.org> "would be amazed" if anything was using NT_TASKSTRUCT). Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'arch/mips')
-rw-r--r--arch/mips/kernel/irixelf.c17
1 files changed, 6 insertions, 11 deletions
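--- a/arch/mips/kernel/irixelf.c
+++ b/arch/mips/kernel/irixelf.c
@@ -1077,8 +1077,8 @@ static int irix_core_dump(long signr, struct pt_regs * regs, struct file *file)
 struct elfhdr elf;
 off_t offset = 0, dataoff;
 int limit = current->signal->rlim[RLIMIT_CORE].rlim_cur;
-int numnote = 4;
-struct memelfnote notes[4];
+int numnote = 3;
+struct memelfnote notes[3];
 struct elf_prstatus prstatus; /* NT_PRSTATUS */
 elf_fpregset_t fpu; /* NT_PRFPREG */
 struct elf_prpsinfo psinfo; /* NT_PRPSINFO */
@@ -1211,20 +1211,15 @@ static int irix_core_dump(long signr, struct pt_regs * regs, struct file *file)
 }
 strlcpy(psinfo.pr_fname, current->comm, sizeof(psinfo.pr_fname));
 
-notes[2].name = "CORE";
-notes[2].type = NT_TASKSTRUCT;
-notes[2].datasz = sizeof(*current);
-notes[2].data = current;
-
 /* Try to dump the FPU. */
 prstatus.pr_fpvalid = dump_fpu (regs, &fpu);
 if (!prstatus.pr_fpvalid) {
 numnote--;
 } else {
-notes[3].name = "CORE";
-notes[3].type = NT_PRFPREG;
-notes[3].datasz = sizeof(fpu);
-notes[3].data = &fpu;
+notes[2].name = "CORE";
+notes[2].type = NT_PRFPREG;
+notes[2].datasz = sizeof(fpu);
+notes[2].data = &fpu;
 }
 
 /* Write notes phdr entry. */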
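Review bot: The note count, the array bound and the FPU slot are three independent literals in the new code (`numnote = 3`, `notes[3]`, `notes[2]`), and `numnote--` is only correct because the optional FPU note occupies the last slot; a later edit that changes one without the others would index past `notes[]` on the kernel stack or, presumably, hand an unfilled entry to the note writer. Consider declaring the array first and deriving the count from it, `struct memelfnote notes[3];` followed by `int numnote = ARRAY_SIZE(notes);`, and adding a comment in the else branch such as `/* FPU note must stay last: numnote-- drops it when there is no FPU state */`. A one-line comment where the removed entry used to be, e.g. `/* NT_TASKSTRUCT deliberately omitted: a raw task_struct would put kernel pointers in the core file */`, would keep the note from being reintroduced by someone comparing against older dumpers. irix_core_dump starts before and continues after both hunks, so the notes[0]/notes[1] setup and the code that consumes numnote are not visible here.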