From fcd35857d66201b28b3ab158258e88ca7749fcb7 Mon Sep 17 00:00:00 2001 From: Catalin Marinas Date: Tue, 1 Nov 2016 14:43:25 -0700 Subject: lkdtm: Do not use flush_icache_range() on user addresses The flush_icache_range() API is meant to be used on kernel addresses only as it may not have the infrastructure (exception entries) to handle user memory faults. The lkdtm execute_user_location() function tests the kernel execution of user space addresses by mmap'ing an anonymous page, copying some code together with cache maintenance and attempting to run it. However, the cache maintenance step may fail because of the incorrect API usage described above. The patch changes lkdtm to use access_process_vm() for copying the code into user space which would take care of the necessary cache maintenance. Signed-off-by: Catalin Marinas [kees: export access_process_vm() for module use] Signed-off-by: Kees Cook Signed-off-by: Greg Kroah-Hartman --- mm/memory.c | 1 + 1 file changed, 1 insertion(+) (limited to 'mm/memory.c') diff --git a/mm/memory.c b/mm/memory.c index e18c57bdc75c..485f12d8ad5c 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -3966,6 +3966,7 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, return ret; } +EXPORT_SYMBOL_GPL(access_process_vm); /* * Print the name of a VMA. -- cgit v1.2.3-70-g09d2