sys: don't hold uts_sem while accessing userspace memory - linux

diff options

author	Jann Horn <jannh@google.com>	2018-06-25 18:34:10 +0200
committer	Eric W. Biederman <ebiederm@xmission.com>	2018-08-11 09:05:53 +0200
commit	42a0cc3478584d4d63f68f2f5af021ddbea771fa (patch)
tree	8dc33625ea1c8488e01965f159ef3f597eba42cb /README
parent	userns: move user access out of the mutex (diff)
download	linux-42a0cc3478584d4d63f68f2f5af021ddbea771fa.tar.xz linux-42a0cc3478584d4d63f68f2f5af021ddbea771fa.zip

sys: don't hold uts_sem while accessing userspace memory

Holding uts_sem as a writer while accessing userspace memory allows a namespace admin to stall all processes that attempt to take uts_sem. Instead, move data through stack buffers and don't access userspace memory while uts_sem is held. Cc: stable@vger.kernel.org Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

Diffstat (limited to 'README')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: