Commit 9abc74a2 authored Apr 01, 2017 by Richard Weinberger

um: Fix PTRACE_POKEUSER on x86_64



This is broken since ever but sadly nobody noticed.
Recent versions of GDB set DR_CONTROL unconditionally and
UML dies due to a heap corruption. It turns out that
the PTRACE_POKEUSER was copy&pasted from i386 and assumes
that addresses are 4 bytes long.

Fix that by using 8 as address size in the calculation.

Cc: <stable@vger.kernel.org>
Reported-by: jie cao <cj3054@gmail.com>
Signed-off-by: Richard Weinberger <richard@nod.at>

parent 8bba0770

arch/x86/um/ptrace_64.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -125,7 +125,7 @@ int poke_user(struct task_struct *child, long addr, long data)
		else if ((addr >= offsetof(struct user, u_debugreg[0])) &&
		(addr <= offsetof(struct user, u_debugreg[7]))) {
		addr -= offsetof(struct user, u_debugreg[0]);
		addr = addr >> 2;
		addr = addr >> 3;
		if ((addr == 4) \|\| (addr == 5))
		return -EIO;
		child->thread.arch.debugregs[addr] = data;