www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Kees Cook <keescook@chromium.org>
	Tue, 1 May 2018 22:19:04 +0000 (15:19 -0700)
committer	Brian Maly <brian.maly@oracle.com>
	Mon, 21 May 2018 22:05:02 +0000 (18:05 -0400)
commit	e807a37255bb7e06f023d08bb5fd1375670a4952
tree	8ae0a319ec94bdc12527863922214bafdcfc7655	tree
parent	1a5d493f0e87f2e7b9b031f84685664054b503a7	commit \| diff

nospec: Allow getting/setting on non-current task

Adjust arch_prctl_get/set_spec_ctrl() to operate on tasks other than
current.

This is needed both for /proc/$pid/status queries and for seccomp (since
thread-syncing can trigger seccomp in non-current threads).

OraBug: 28041771
CVE: CVE-2018-3639

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
(cherry picked from commit 7bbf1373e228840bb0295a2ca26d548ef37f448e)
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com>
Conflicts:
arch/x86/kernel/cpu/bugs.c
include/linux/nospec.h
kernel/sys.c

Signed-off-by: Brian Maly <brian.maly@oracle.com>

arch/x86/include/asm/nospec-branch.h		diff \| blob \| history
arch/x86/kernel/cpu/bugs_64.c		diff \| blob \| history
kernel/sys.c		diff \| blob \| history