usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
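--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -36,7 +36,7 @@
 #include <linux/init.h>
 #include <linux/slab.h>
 #include <linux/stddef.h>
-#include <linux/module.h>
+#include <linux/export.h>
 #include <linux/moduleloader.h>
 #include <linux/kallsyms.h>
 #include <linux/freezer.h>
@@ -598,7 +598,7 @@ static __kprobes void kprobe_optimizer(struct work_struct *work)
 }
 /* Wait for completing optimization and unoptimization */
-static __kprobes void wait_for_kprobe_optimizer(void)
+__kprobes void wait_for_kprobe_optimizer(void)
 {
 if (delayed_work_pending(&optimizing_work))
 wait_for_completion(&optimizer_comp);
@@ -1077,6 +1077,7 @@ void __kprobes kprobe_flush_task(struct task_struct *tk)
 /* Early boot. kretprobe_table_locks not yet initialized. */
 return;
+ INIT_HLIST_HEAD(&empty_rp);
 hash = hash_ptr(tk, KPROBE_HASH_BITS);
 head = &kretprobe_inst_table[hash];
 kretprobe_table_lock(hash, &flags);
@@ -1085,7 +1086,6 @@ void __kprobes kprobe_flush_task(struct task_struct *tk)
 recycle_rp_inst(ri, &empty_rp);
 }
 kretprobe_table_unlock(hash, &flags);
- INIT_HLIST_HEAD(&empty_rp);
 hlist_for_each_entry_safe(ri, node, tmp, &empty_rp, hlist) {
 hlist_del(&ri->hlist);
 kfree(ri);
@@ -1334,8 +1334,10 @@ int __kprobes register_kprobe(struct kprobe *p)
 if (!kernel_text_address((unsigned long) p->addr) ||
 in_kprobes_functions((unsigned long) p->addr) ||
 ftrace_text_reserved(p->addr, p->addr) ||
- jump_label_text_reserved(p->addr, p->addr))
- goto fail_with_jump_label;
+ jump_label_text_reserved(p->addr, p->addr)) {
+ ret = -EINVAL;
+ goto cannot_probe;
+ }
 /* User can pass only KPROBE_FLAG_DISABLED to register_kprobe */
 p->flags &= KPROBE_FLAG_DISABLED;
@@ -1352,7 +1354,7 @@ int __kprobes register_kprobe(struct kprobe *p)
 * its code to prohibit unexpected unloading.
 */
 if (unlikely(!try_module_get(probed_mod)))
- goto fail_with_jump_label;
+ goto cannot_probe;
 /*
 * If the module freed .init.text, we couldn't insert
@@ -1361,7 +1363,7 @@ int __kprobes register_kprobe(struct kprobe *p)
 if (within_module_init((unsigned long)p->addr, probed_mod) &&
 probed_mod->state != MODULE_STATE_COMING) {
 module_put(probed_mod);
- goto fail_with_jump_label;
+ goto cannot_probe;
 }
 /* ret will be updated by following code */
 }
@@ -1409,7 +1411,7 @@ out:
 return ret;
-fail_with_jump_label:
+cannot_probe:
 preempt_enable();
 jump_label_unlock();
 return ret;
@@ -1673,8 +1675,12 @@ static int __kprobes pre_handler_kretprobe(struct kprobe *p,
 ri->rp = rp;
 ri->task = current;
- if (rp->entry_handler && rp->entry_handler(ri, regs))
+ if (rp->entry_handler && rp->entry_handler(ri, regs)) {
+ raw_spin_lock_irqsave(&rp->lock, flags);
+ hlist_add_head(&ri->hlist, &rp->free_instances);
+ raw_spin_unlock_irqrestore(&rp->lock, flags);
 return 0;
+ }
 arch_prepare_kretprobe(ri, regs);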
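Review bot: In the `-598,7` hunk, `wait_for_kprobe_optimizer()` becomes an external symbol but keeps its check-then-wait body. `delayed_work_pending(&optimizing_work)` is already false once the work item has been dequeued and is executing, so a caller arriving at that moment returns without waiting on `optimizer_comp`. Callers outside this file (none are visible here) will presumably treat the call as a barrier before freeing or re-patching text, so the gap should either be closed in the function or stated in its contract. At minimum I would replace the one-line comment above the definition with something like `/* Waits only if optimizing_work is still queued; may return while kprobe_optimizer() is running. */`. The function body runs past the end of the hunk, and the matching prototype is not part of this file section.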