linux/arch/x86/ia32
Jan Beulich 81766741fe x86-64: Fix register leak in 32-bit syscall auditing
Restoring %ebp after the call to audit_syscall_exit() is not
only unnecessary (because the register didn't get clobbered),
but in the sysenter case wasn't even doing the right thing: It
loaded %ebp from a location below the top of stack (RBP <
ARGOFFSET), i.e. arbitrary kernel data got passed back to user
mode in the register.

Signed-off-by: Jan Beulich <jbeulich@novell.com>
Acked-by: Roland McGrath <roland@redhat.com>
Cc: <stable@kernel.org>
LKML-Reference: <4AE5CC4D020000780001BD13@vpn.id2.novell.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-10-26 16:23:26 +01:00
audit.c
ia32_aout.c
ia32_signal.c x86: ia32_signal: introduce {get|set}_user_seg() 2009-02-22 17:54:47 +01:00
ia32entry.S x86-64: Fix register leak in 32-bit syscall auditing 2009-10-26 16:23:26 +01:00
ipc32.c x86: introducing asm/sys_ia32.h 2008-12-29 13:18:40 +01:00
Makefile
sys_ia32.c x86, 32-bit: Use generic sys_pipe() 2009-08-08 18:20:52 +02:00