linux/fs/proc at v2.6.32.36 - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-10 04:48:04 +09:00

Files

History

Kees Cook 56df433ee5 proc: protect mm start_code/end_code in /proc/pid/stat

commit 5883f57ca0 upstream.

While mm->start_stack was protected from cross-uid viewing (commit
f83ce3e6b0 ("proc: avoid information leaks to non-privileged
processes")), the start_code and end_code values were not.  This would
allow the text location of a PIE binary to leak, defeating ASLR.

Note that the value "1" is used instead of "0" for a protected value since
"ps", "killall", and likely other readers of /proc/pid/stat, take
start_code of "0" to mean a kernel thread and will misbehave.  Thanks to
Brad Spengler for pointing this out.

Addresses CVE-2011-0726

Signed-off-by: Kees Cook <kees.cook@canonical.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Eugene Teo <eugeneteo@kernel.sg>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

2011-03-27 11:30:37 -07:00

..

array.c

proc: protect mm start_code/end_code in /proc/pid/stat

2011-03-27 11:30:37 -07:00

base.c

procfs: fix tid fdinfo

2010-05-12 14:57:03 -07:00

cmdline.c

proc: switch /proc/cmdline to seq_file

2008-10-23 14:29:04 +04:00

cpuinfo.c

proc: move /proc/cpuinfo code to fs/proc/cpuinfo.c

2008-10-23 15:05:11 +04:00

devices.c

proc: move /proc/devices code to fs/proc/devices.c

2008-10-23 15:02:18 +04:00

generic.c

proc 1/2: do PDE usecounting even for ->read_proc, ->write_proc

2009-03-31 01:14:27 +04:00

inode.c

proc 2/2: remove struct proc_dir_entry::owner

2009-03-31 01:14:44 +04:00

internal.h

Move junk from proc_fs.h to fs/proc/internal.h

2009-06-11 21:36:01 -04:00

interrupts.c

proc: move /proc/interrupts boilerplate code to fs/proc/interrupts.c

2008-10-23 15:15:46 +04:00

Kconfig

proc: move PROC_PAGE_MONITOR to fs/proc/Kconfig

2008-10-10 04:18:57 +04:00

kcore.c

fs: includecheck fix: proc, kcore.c

2009-10-08 07:36:38 -07:00

kmsg.c

proc: move /proc/kmsg creation to fs/proc/kmsg.c

2008-10-23 14:35:08 +04:00

loadavg.c

sched, timers: cleanup avenrun users

2009-05-15 15:32:45 +02:00

Makefile

proc: export statistics for softirq to /proc

2009-06-18 13:03:41 -07:00

meminfo.c

hwpoison: fix/proc/meminfo alignment

2009-10-29 07:39:25 -07:00

mmu.c

fs/proc/mmu.c: headers butchery

2007-10-17 08:42:48 -07:00

nommu.c

seq_file: constify seq_operations

2009-09-23 07:39:29 -07:00

page.c

pagemap: export KPF_HWPOISON

2009-10-08 07:36:39 -07:00

proc_devtree.c

procfs: remove sparse errors in proc_devtree.c

2009-06-18 13:03:41 -07:00

proc_net.c

proc: stop using BKL

2009-01-05 12:27:44 +03:00

proc_sysctl.c

sysctl: remove "struct file *" argument of ->proc_handler

2009-09-24 07:21:04 -07:00

proc_tty.c

proc tty: remove struct tty_operations::read_proc

2009-04-01 08:59:10 -07:00

root.c

Convert obvious places to deactivate_locked_super()

2009-05-09 10:49:40 -04:00

softirqs.c

proc: export statistics for softirq to /proc

2009-06-18 13:03:41 -07:00

stat.c

proc: export statistics for softirq to /proc

2009-06-18 13:03:41 -07:00

task_mmu.c

procfs: fix /proc/<pid>/maps heap check

2011-03-27 11:30:36 -07:00

task_nommu.c

mm_for_maps: shift down_read(mmap_sem) to the caller

2009-08-10 20:48:32 +10:00

uptime.c

[PATCH] Fix idle time field in /proc/uptime

2009-09-24 10:16:24 +02:00

version.c

proc: switch /proc/version to seq_file

2008-10-23 14:19:58 +04:00

vmcore.c

proc: vmcore - use kzalloc in get_new_element()

2009-06-18 13:03:41 -07:00