Unverified Commit 33267d4a authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!14248 Fix CVE-2024-50194 

Merge Pull Request from: @ci-robot 
 
PR sync from: Ze Zuo <zuoze1@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/NZ4YYC2KD43HL6OLVBFEHUE2RURM5JCD/ 
Fix CVE-2024-50194

Mark Rutland (1):
  arm64: probes: Fix uprobes for big-endian kernels

junhua huang (2):
  arm64:uprobe fix the uprobe SWBP_INSN in big-endian
  arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse
    warning


-- 
2.25.1
 
https://gitee.com/src-openeuler/kernel/issues/IB4P9Q 
 
Link:https://gitee.com/openeuler/kernel/pulls/14248

 

Reviewed-by: default avatarYuan Can <yuancan@huawei.com>
Reviewed-by: default avatarXu Kuohai <xukuohai@huawei.com>
Signed-off-by: default avatarYuan Can <yuancan@huawei.com>
parents 6edeb246 fab9fbbd

arch/arm64/include/asm/uprobes.h

+5 −7
Original line number Diff line number Diff line
@@ -13,21 +13,19 @@ 
#include <asm/insn.h>

#include <asm/probes.h>



#define MAX_UINSN_BYTES		AARCH64_INSN_SIZE



#define UPROBE_SWBP_INSN	BRK64_OPCODE_UPROBES

#define UPROBE_SWBP_INSN	cpu_to_le32(BRK64_OPCODE_UPROBES)

#define UPROBE_SWBP_INSN_SIZE	AARCH64_INSN_SIZE

#define UPROBE_XOL_SLOT_BYTES	MAX_UINSN_BYTES

#define UPROBE_XOL_SLOT_BYTES	AARCH64_INSN_SIZE



typedef u32 uprobe_opcode_t;

typedef __le32 uprobe_opcode_t;



struct arch_uprobe_task {

};



struct arch_uprobe {

	union {

		u8 insn[MAX_UINSN_BYTES];

		u8 ixol[MAX_UINSN_BYTES];

		__le32 insn;

		__le32 ixol;

	};

	struct arch_probe_insn api;

	bool simulate;

arch/arm64/kernel/probes/uprobes.c

+2 −2
Original line number Diff line number Diff line
@@ -45,7 +45,7 @@ int arch_uprobe_analyze_insn(struct arch_uprobe *auprobe, struct mm_struct *mm, 
	else if (!IS_ALIGNED(addr, AARCH64_INSN_SIZE))

		return -EINVAL;



	insn = *(probe_opcode_t *)(&auprobe->insn[0]);

	insn = le32_to_cpu(auprobe->insn);



	switch (arm_probe_decode_insn(insn, &auprobe->api)) {

	case INSN_REJECTED:
@@ -111,7 +111,7 @@ bool arch_uprobe_skip_sstep(struct arch_uprobe *auprobe, struct pt_regs *regs) 
	if (!auprobe->simulate)

		return false;



	insn = *(probe_opcode_t *)(&auprobe->insn[0]);

	insn = le32_to_cpu(auprobe->insn);

	addr = instruction_pointer(regs);



	if (auprobe->api.handler)