projects / lttng-modules.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 07ce44c) | patch
Fix: check reference counts for overflow
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 19 Jan 2016 14:51:55 +0000 (09:51 -0500)
committerMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 19 Jan 2016 14:51:55 +0000 (09:51 -0500)
commit9c1f4643eb4a11d451a979d81389f0c2ff666af2
tree7a8b36f29460ba64cbb36212bd73d7990f273206tree | snapshot
parent07ce44c3ddf3f2d53de070866c6ae26435abea71commit | diff
Fix: check reference counts for overflow

Linux kernel CVE-2016-0728 is a use-after-free based on overflow of the
reference counting mechanism.

Implement a kref wrapper in lttng that validates overflows, and use it
instead of kref_get(). Also check explicitly for overflows on file
fcount counters.

This should not be an issue in practice in lttng-modules because the ABI
is only exposed to root, but let's err on the safe side.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
lib/ringbuffer/ring_buffer_frontend.c diff | blob | blame | history
lttng-abi.c diff | blob | blame | history
lttng-events.c diff | blob | blame | history
probes/lttng-kretprobes.c diff | blob | blame | history
wrapper/kref.h [new file with mode: 0644] blob
LTTng 2.0/0.x modules
This page took 0.026042 seconds and 4 git commands to generate.