x86-64: Fix register leak in 32-bit syscall audting (81766741) · Commits · E-EXK4 - Operating System Group / projects / Linux

Commit 81766741 authored 15 years ago by Jan Beulich Committed by Ingo Molnar 15 years ago

x86-64: Fix register leak in 32-bit syscall audting


Restoring %ebp after the call to audit_syscall_exit() is not
only unnecessary (because the register didn't get clobbered),
but in the sysenter case wasn't even doing the right thing: It
loaded %ebp from a location below the top of stack (RBP <
ARGOFFSET), i.e. arbitrary kernel data got passed back to user
mode in the register.

Signed-off-by: Jan Beulich <jbeulich@novell.com>
Acked-by: Roland McGrath <roland@redhat.com>
Cc: <stable@kernel.org>
LKML-Reference: <4AE5CC4D020000780001BD13@vpn.id2.novell.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

parent 72ed7de7

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 2 additions and 3 deletions

Please register or to comment