From a27c26431d2541ee5c23e079e20689bcc1875e13 Mon Sep 17 00:00:00 2001 From: Zheng Yejian Date: Tue, 22 Feb 2022 22:12:38 +0800 Subject: [PATCH] livepatch/x86: Fix incorrect use of 'strncpy' hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4UAQ1 -------------------------------- Refer to following codes, 'strncpy' would stop copying if Null character encountered. For example, when 'code' is "53 be 00 0a 05", 'old_code' would be "53 be 00 00 00". > 396 static void *klp_old_code(unsigned char *code) > 397 { > 398 static unsigned char old_code[JMP_E9_INSN_SIZE]; > 399 > 400 strncpy(old_code, code, JMP_E9_INSN_SIZE); > 401 return old_code; > 402 } As a result, the instructions cannot be restored completely, and the system becomes abnormal. Fixes: f5a6746743d8 ("livepatch/x86: support livepatch without ftrace") Suggested-by: Xu Kuohai Signed-off-by: Zheng Yejian Reviewed-by: Kuohai Xu Signed-off-by: Zheng Zengkai --- arch/x86/kernel/livepatch.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/arch/x86/kernel/livepatch.c b/arch/x86/kernel/livepatch.c index b3e891efa113..2a541c7de167 100644 --- a/arch/x86/kernel/livepatch.c +++ b/arch/x86/kernel/livepatch.c @@ -367,14 +367,6 @@ static void *klp_jmp_code(unsigned long ip, unsigned long addr) return text_gen_insn(JMP32_INSN_OPCODE, (void *)ip, (void *)addr); } -static void *klp_old_code(unsigned char *code) -{ - static unsigned char old_code[JMP_E9_INSN_SIZE]; - - strncpy(old_code, code, JMP_E9_INSN_SIZE); - return old_code; -} - void arch_klp_code_modify_prepare(void) __acquires(&text_mutex) { @@ -422,7 +414,7 @@ void arch_klp_unpatch_func(struct klp_func *func) ip = (unsigned long)func_node->old_func; if (list_is_singular(&func_node->func_stack)) { list_del_rcu(&func->stack_node); - new = klp_old_code(func_node->arch_data.old_code); + new = func_node->arch_data.old_code; } else { list_del_rcu(&func->stack_node); next_func = list_first_or_null_rcu(&func_node->func_stack, -- GitLab