53a019a951
Fix x86 insn decoder for hardening against invalid length instructions. This adds length checkings for each byte-read site and if it exceeds MAX_INSN_SIZE, returns immediately. This can happen when decoding user-space binary. Caller can check whether it happened by checking insn.*.got member is set or not. Signed-off-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> Cc: Stephane Eranian <eranian@google.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: acme@redhat.com Cc: ming.m.lin@intel.com Cc: robert.richter@amd.com Cc: ravitillo@lbl.gov Cc: yrl.pp-manager.tt@hitachi.com Cc: Peter Zijlstra <peterz@infradead.org> Cc: Srikar Dronamraju <srikar@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Link: http://lkml.kernel.org/r/20111007133155.10933.58577.stgit@localhost.localdomain Signed-off-by: Ingo Molnar <mingo@elte.hu> |
||
---|---|---|
.. | ||
.gitignore | ||
atomic64_32.c | ||
atomic64_386_32.S | ||
atomic64_cx8_32.S | ||
cache-smp.c | ||
checksum_32.S | ||
clear_page_64.S | ||
cmpxchg.c | ||
cmpxchg8b_emu.S | ||
cmpxchg16b_emu.S | ||
copy_page_64.S | ||
copy_user_64.S | ||
copy_user_nocache_64.S | ||
csum-copy_64.S | ||
csum-partial_64.c | ||
csum-wrappers_64.c | ||
delay.c | ||
getuser.S | ||
inat.c | ||
insn.c | ||
iomap_copy_64.S | ||
Makefile | ||
memcpy_32.c | ||
memcpy_64.S | ||
memmove_64.S | ||
memset_64.S | ||
mmx_32.c | ||
msr-reg-export.c | ||
msr-reg.S | ||
msr-smp.c | ||
msr.c | ||
putuser.S | ||
rwlock.S | ||
rwsem.S | ||
string_32.c | ||
strstr_32.c | ||
thunk_32.S | ||
thunk_64.S | ||
usercopy.c | ||
usercopy_32.c | ||
usercopy_64.c | ||
x86-opcode-map.txt |