[PW_SID:1088433] [v2] riscv: Fix register corruption from uninitialized cregs on error #1852
linux-riscv-bot wants to merge 1 commit into
compat_riscv_gpr_set() calls cregs_to_regs() unconditionally, even when user_regset_copyin() fails. Since cregs is an uninitialized stack variable, a copyin failure causes uninitialized stack data to be written into the target task's pt_regs, corrupting its register state and potentially leaking kernel stack contents.

compat_restore_sigcontext() has the same issue: it calls cregs_to_regs() even when __copy_from_user() fails, leading to the same corruption of the signal-returning task's register state on error.

Only call cregs_to_regs() when the user copy succeeds.

Fixes: 4608c15 ("riscv: compat: ptrace: Add compat_arch_ptrace implement")
Fixes: 7383ee0 ("riscv: compat: signal: Add rt_frame implementation")
Signed-off-by: Michael Neuling <mikey@neuling.org>
Assisted-by: Cursor:claude-4.6-opus-high-thinking
Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
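A user-space model of the pattern the commit message describes, added here as an illustration; it is not code from the patch or from the kernel. All `model_*` and `gpr_set_*` names, the four-register layout, the copy helper that leaves its destination untouched on failure, and the 0xAA fill that stands in for stale stack bytes are assumptions made so the result is deterministic.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define NREGS 4 /* constructed size; the real register sets are larger */

struct model_cregs { uint32_t r[NREGS]; }; /* stands in for the compat register block */
struct model_regs  { uint64_t r[NREGS]; }; /* stands in for pt_regs */

/* Stand-in for user_regset_copyin()/__copy_from_user(): a NULL source models
 * a faulting user copy, assumed here to leave dst untouched. */
static int model_copyin(struct model_cregs *dst, const struct model_cregs *src)
{
    if (!src)
        return -EFAULT;
    memcpy(dst, src, sizeof(*dst));
    return 0;
}

/* Stand-in for cregs_to_regs(): widen each compat register into the target. */
static void model_cregs_to_regs(const struct model_cregs *c, struct model_regs *regs)
{
    for (int i = 0; i < NREGS; i++)
        regs->r[i] = c->r[i];
}

/* Described bug: the conversion runs even when the copy failed. */
static int gpr_set_unconditional(struct model_regs *regs, const struct model_cregs *src)
{
    struct model_cregs cregs;
    memset(&cregs, 0xAA, sizeof(cregs)); /* simulated stale stack contents */
    int ret = model_copyin(&cregs, src);
    model_cregs_to_regs(&cregs, regs);
    return ret;
}

/* Described fix: convert only when the user copy succeeded. */
static int gpr_set_checked(struct model_regs *regs, const struct model_cregs *src)
{
    struct model_cregs cregs;
    memset(&cregs, 0xAA, sizeof(cregs)); /* same simulated stale contents */
    int ret = model_copyin(&cregs, src);
    if (!ret)
        model_cregs_to_regs(&cregs, regs);
    return ret;
}
```

In the unconditional variant a failed copy still returns an error to the caller, yet the target's registers have already been overwritten with whatever the local buffer held.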
Patch 1: "[v2] riscv: Fix register corruption from uninitialized cregs on error"
PR for series 1088433 applied to workflow__riscv__fixes
Name: [v2] riscv: Fix register corruption from uninitialized cregs on error
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=1088433
Version: 2