diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-02-28 12:13:52 -0800 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-02-28 12:13:52 -0800 |
| commit | 755e36bfae350f16769e0f51bba54c36d2c4b80e (patch) | |
| tree | 1eeed50e1e8544d702bc9c811198d290fa741aba | |
| parent | Applied memory leak patch (diff) | |
| download | linux-hardened-ck-755e36bfae350f16769e0f51bba54c36d2c4b80e.tar.xz | |
Apparently hardened already applies the memleak patch
| -rw-r--r-- | PKGBUILD | 7 | ||||
| -rw-r--r-- | exec-Fix-mem-leak-in-kernel_read_file.patch | 49 |
2 files changed, 1 insertions, 55 deletions
@@ -51,7 +51,6 @@ source=(https://www.kernel.org/pub/linux/kernel/v4.x/linux-${_pkgver}.tar.xz 90-linux.hook # pacman hook for initramfs regeneration linux.preset # standard config files for mkinitcpio ramdisk unscrew-ck1-for-kvm-intel-symbol.patch - exec-Fix-mem-leak-in-kernel_read_file.patch ) sha256sums=('1cf544308195250805e0731c716691bea4c1ed29e03e6f9ae5be6dc16785a504' 'SKIP' @@ -65,8 +64,7 @@ sha256sums=('1cf544308195250805e0731c716691bea4c1ed29e03e6f9ae5be6dc16785a504' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65' - '3e8c7d3015bb593e8a861be0b2b9f1de74fcb25e00c6e3eacee3165c6bec6f64' - 'bbf31b3a6af1db882cb63bd5e5385f174f2345272acaf18f129712a0a726689b') + '3e8c7d3015bb593e8a861be0b2b9f1de74fcb25e00c6e3eacee3165c6bec6f64') validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman @@ -111,9 +109,6 @@ prepare() { msg " Applying unscrew patch" patch -p1 -i ../unscrew-ck1-for-kvm-intel-symbol.patch - # Set memleak patch - patch -p1 -i ../exec-Fix-mem-leak-in-kernel_read_file.patch - msg2 "Setting version..." sed -e "/^EXTRAVERSION =/s/=.*/= .${_hardenedver}/" -i Makefile diff --git a/exec-Fix-mem-leak-in-kernel_read_file.patch b/exec-Fix-mem-leak-in-kernel_read_file.patch deleted file mode 100644 index 750e105..0000000 --- a/exec-Fix-mem-leak-in-kernel_read_file.patch +++ /dev/null @@ -1,49 +0,0 @@ -From e4817043e07f7414acdb25aa0d0689cb30a5fc2b Mon Sep 17 00:00:00 2001 -From: YueHaibing <yuehaibing@huawei.com> -Date: Tue, 19 Feb 2019 10:10:38 +0800 -Subject: [PATCH 2/3] exec: Fix mem leak in kernel_read_file - -syzkaller report this: -BUG: memory leak -unreferenced object 0xffffc9000488d000 (size 9195520): - comm "syz-executor.0", pid 2752, jiffies 4294787496 (age 18.757s) - hex dump (first 32 bytes): - ff ff ff ff ff ff ff ff a8 00 00 00 01 00 00 00 ................ - 02 00 00 00 00 00 00 00 80 a1 7a c1 ff ff ff ff ..........z..... - backtrace: - [<000000000863775c>] __vmalloc_node mm/vmalloc.c:1795 [inline] - [<000000000863775c>] __vmalloc_node_flags mm/vmalloc.c:1809 [inline] - [<000000000863775c>] vmalloc+0x8c/0xb0 mm/vmalloc.c:1831 - [<000000003f668111>] kernel_read_file+0x58f/0x7d0 fs/exec.c:924 - [<000000002385813f>] kernel_read_file_from_fd+0x49/0x80 fs/exec.c:993 - [<0000000011953ff1>] __do_sys_finit_module+0x13b/0x2a0 kernel/module.c:3895 - [<000000006f58491f>] do_syscall_64+0x147/0x600 arch/x86/entry/common.c:290 - [<00000000ee78baf4>] entry_SYSCALL_64_after_hwframe+0x49/0xbe - [<00000000241f889b>] 0xffffffffffffffff - -It should goto 'out_free' lable to free allocated buf while kernel_read -fails. - -Fixes: 39d637af5aa7 ("vfs: forbid write access when reading a file into memory") -Signed-off-by: YueHaibing <yuehaibing@huawei.com> -Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> ---- - fs/exec.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/fs/exec.c b/fs/exec.c -index fc281b738a98..20c33029a062 100644 ---- a/fs/exec.c -+++ b/fs/exec.c -@@ -929,7 +929,7 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, - bytes = kernel_read(file, *buf + pos, i_size - pos, &pos); - if (bytes < 0) { - ret = bytes; -- goto out; -+ goto out_free; - } - - if (bytes == 0) --- -2.20.1 - |