diff options
author | Vegard Nossum <vegard.nossum@oracle.com> | 2014-02-16 22:24:17 +0100 |
---|---|---|
committer | Thomas Gleixner <tglx@linutronix.de> | 2014-02-21 21:27:10 +0100 |
commit | 4efbc454ba68def5ef285b26ebfcfdb605b52755 (patch) | |
tree | 96fd992414451a19797a38476afed61b352d3d4f /include | |
parent | 3cf1962cdbf6b3a9e3ef21116d215bbab350ea37 (diff) | |
download | linux-4efbc454ba68def5ef285b26ebfcfdb605b52755.tar.bz2 |
sched: Fix information leak in sys_sched_getattr()
We're copying the on-stack structure to userspace, but forgot to give
the right number of bytes to copy. This allows the calling process to
obtain up to PAGE_SIZE bytes from the stack (and possibly adjacent
kernel memory).
This fix copies only as much as we actually have on the stack
(attr->size defaults to the size of the struct) and leaves the rest of
the userspace-provided buffer untouched.
Found using kmemcheck + trinity.
Fixes: d50dde5a10f30 ("sched: Add new scheduler syscalls to support an extended scheduling parameters ABI")
Cc: Dario Faggioli <raistlin@linux.it>
Cc: Juri Lelli <juri.lelli@gmail.com>
Cc: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Link: http://lkml.kernel.org/r/1392585857-10725-1-git-send-email-vegard.nossum@oracle.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions