Chris Metcalf 1deb9c5dfb arch/tile: don't allow user code to set the PL via ptrace or signal return ...

The kernel was allowing any component of the pt_regs to be updated either
by signal handlers writing to the stack, or by processes writing via
PTRACE_POKEUSR or PTRACE_SETREGS, which meant they could set their PL
up from 0 to 1 and get access to kernel code and data (or, in practice,
cause a kernel panic).  We now always reset the ex1 field, allowing the
user to set their ICS bit only.

Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>

2010-11-01 15:31:17 -04:00

5.1 KiB

Raw Blame History

View Raw