    s390: restore address space when returning to user space · b5a882fc
    Heiko Carstens authored
    Unbalanced set_fs usages (e.g. early exit from a function and a
    forgotten set_fs(USER_DS) call) may lead to a situation where the
    secondary asce is the kernel space asce when returning to user
    space. This would allow user space to modify kernel space at will.
    
    This would only be possible with the above mentioned kernel bug,
    however we can detect this and fix the secondary asce before returning
    to user space.
    
    Therefore introduce a new TIF_ASCE_SECONDARY flag which is used within
    set_fs. When returning to user space check if TIF_ASCE_SECONDARY is set,
    which would indicate a bug. If it is set print a message to the console,
    fix up the secondary asce, and then return to user space.
    
    This is similar to what is being discussed for x86 and arm:
    "[RFC] syscalls: Restore address limit after a syscall".
    
    Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
    Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
    Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
entry.S 33.2 KB