From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Tue, 19 Jan 2016 14:51:55 +0000 (-0500)
Subject: Fix: check reference counts for overflow
X-Git-Tag: v2.7.2~15
X-Git-Url: http://git.lttng.org./?a=commitdiff_plain;h=4ce9f32b8ec6ff1de14d734607a5f4a20fb743e5;hp=4ce9f32b8ec6ff1de14d734607a5f4a20fb743e5;p=lttng-modules.git

Fix: check reference counts for overflow

Linux kernel CVE-2016-0728 is a use-after-free based on overflow of the
reference counting mechanism.

Implement a kref wrapper in lttng that validates overflows, and use it
instead of kref_get(). Also check explicitly for overflows on file
fcount counters.

This should not be an issue in practice in lttng-modules because the ABI
is only exposed to root, but let's err on the safe side.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
---