diff options
author | Andi Kleen <ak@suse.de> | 2007-09-21 16:16:18 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-09-21 09:52:07 -0700 |
commit | 176df2457ef6207156ca1a40991c54ca01fef567 (patch) | |
tree | dddbc675ad695d1bae8f32a1c877b47c3a548a09 /arch/x86_64/kernel | |
parent | 335fb8fc71692830aca0a5a5fe7f60016ee0d0aa (diff) | |
download | talos-op-linux-176df2457ef6207156ca1a40991c54ca01fef567.tar.gz talos-op-linux-176df2457ef6207156ca1a40991c54ca01fef567.zip |
x86_64: Zero extend all registers after ptrace in 32bit entry path.
Strictly it's only needed for eax.
It actually does a little more than strictly needed -- the other registers
are already zero extended.
Also remove the now unnecessary and non functional compat task check
in ptrace.
This is CVE-2007-4573
Found by Wojciech Purczynski
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'arch/x86_64/kernel')
-rw-r--r-- | arch/x86_64/kernel/ptrace.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/arch/x86_64/kernel/ptrace.c b/arch/x86_64/kernel/ptrace.c index e83cc67155ac..eea3702427b4 100644 --- a/arch/x86_64/kernel/ptrace.c +++ b/arch/x86_64/kernel/ptrace.c @@ -232,10 +232,6 @@ static int putreg(struct task_struct *child, { unsigned long tmp; - /* Some code in the 64bit emulation may not be 64bit clean. - Don't take any chances. */ - if (test_tsk_thread_flag(child, TIF_IA32)) - value &= 0xffffffff; switch (regno) { case offsetof(struct user_regs_struct,fs): if (value && (value & 3) != 3) |