linux-stable/kernel
Alexey Dobriyan c995f12ad8 prctl: fix PR_SET_MM_AUXV kernel stack leak
Doing a

	prctl(PR_SET_MM, PR_SET_MM_AUXV, addr, 1);

will copy 1 byte from userspace to a (quite big) on-stack array
and then stash everything to mm->saved_auxv.
An AT_NULL terminator will be inserted at the very end.

The /proc/*/auxv handler will find that AT_NULL terminator
and copy the original stack contents to userspace.

This devious scheme requires CAP_SYS_RESOURCE.

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2021-03-14 14:33:27 -07:00
bpf bpf: Explicitly zero-extend R0 after 32-bit cmpxchg 2021-03-04 19:06:03 -08:00
cgroup idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
configs
debug kgdb: fix to kill breakpoints on initmem after boot 2021-02-26 09:41:05 -08:00
dma Merge branch 'stable/for-linus-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb 2021-02-26 13:59:32 -08:00
entry
events perf/core: Flush PMU internal buffers for per-CPU events 2021-03-06 12:52:39 +01:00
gcov
irq irqdomain: Remove debugfs_file from struct irq_domain 2021-03-08 20:12:08 +00:00
kcsan
livepatch
locking kernel: delete repeated words in comments 2021-02-26 09:41:03 -08:00
power
printk Merge branch 'printk-rework' into for-linus 2021-02-22 13:43:55 +01:00
rcu
sched sched/membarrier: fix missing local execution of ipi_sync_rq_state() 2021-03-06 12:40:21 +01:00
time hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() 2021-03-08 09:37:01 +01:00
trace tracing: Skip selftests if tracing is disabled 2021-03-04 09:51:25 -05:00
.gitignore
acct.c
async.c
audit.c
audit.h
audit_fsnotify.c audit_alloc_mark(): don't open-code ERR_CAST() 2021-02-23 10:25:27 -05:00
audit_tree.c
audit_watch.c
auditfilter.c
auditsc.c idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
backtracetest.c
bounds.c
capability.c
compat.c
configs.c
context_tracking.c
cpu.c
cpu_pm.c
crash_core.c
crash_dump.c
cred.c
delayacct.c
dma.c
exec_domain.c
exit.c
extable.c
fail_function.c
fork.c Merge branch 'akpm' (patches from Andrew) 2021-03-14 12:23:34 -07:00
freezer.c
futex.c
gen_kheaders.sh
groups.c groups: simplify struct group_info allocation 2021-02-26 09:41:03 -08:00
hung_task.c
iomem.c
irq_work.c
jump_label.c
kallsyms.c
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kexec.c
kexec_core.c
kexec_elf.c
kexec_file.c
kexec_internal.h kexec: move machine_kexec_post_load() to public interface 2021-02-22 12:33:26 +00:00
kheaders.c
kmod.c
kprobes.c
ksysfs.c
kthread.c
latencytop.c
Makefile
module-internal.h
module.c
module_signature.c
module_signing.c
notifier.c
nsproxy.c
padata.c
panic.c
params.c
pid.c
pid_namespace.c
profile.c
ptrace.c kernel: treat PF_IO_WORKER like PF_KTHREAD for ptrace/signals 2021-02-21 17:25:22 -07:00
range.c
reboot.c
regset.c
relay.c
resource.c
resource_kunit.c
rseq.c
scftorture.c
scs.c
seccomp.c
signal.c kernel: treat PF_IO_WORKER like PF_KTHREAD for ptrace/signals 2021-02-21 17:25:22 -07:00
smp.c
smpboot.c
smpboot.h
softirq.c
stackleak.c
stacktrace.c
static_call.c static_call: Fix the module key fixup 2021-03-06 12:49:08 +01:00
stop_machine.c
sys.c prctl: fix PR_SET_MM_AUXV kernel stack leak 2021-03-14 14:33:27 -07:00
sys_ni.c
sysctl-test.c
sysctl.c sysctl.c: fix underflow value setting risk in vm_table 2021-02-26 09:41:03 -08:00
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c
tsacct.c
ucount.c
uid16.c
uid16.h
umh.c
up.c
user-return-notifier.c
user.c
user_namespace.c
usermode_driver.c
utsname.c
utsname_sysctl.c
watch_queue.c
watchdog.c
watchdog_hld.c
workqueue.c Merge branch 'for-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2021-02-22 17:06:54 -08:00
workqueue_internal.h