diff options
author | Lennert Buytenhek <buytenh@wantstofly.org> | 2005-11-07 21:12:07 +0000 |
---|---|---|
committer | Russell King <rmk+kernel@arm.linux.org.uk> | 2005-11-07 21:12:07 +0000 |
commit | 06c03cac9487555478c7d80065ebf7818bf6fd06 (patch) | |
tree | 1a03ff9ae347f40c11d0e3eee790a1b88ff29cc1 /arch/arm/nwfpe/softfloat-specialize | |
parent | 862184fe013146a0d9654a5598c5a2691747541c (diff) | |
download | kernel_samsung_tuna-06c03cac9487555478c7d80065ebf7818bf6fd06.zip kernel_samsung_tuna-06c03cac9487555478c7d80065ebf7818bf6fd06.tar.gz kernel_samsung_tuna-06c03cac9487555478c7d80065ebf7818bf6fd06.tar.bz2 |
[ARM] 3117/1: nwfpe kernel memory info leak
Patch from Lennert Buytenhek
The routine that nwfpe uses for converting floats/doubles to
extended precision fails to zero two bytes of kernel stack. This
is not immediately obvious, as the floatx80 structure has 16 bits
of implicit padding (by design.) These two bytes are copied to
userspace when an stfe is emulated, causing a possible info leak.
Make the padding explicit and zero it out in the relevant places.
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Diffstat (limited to 'arch/arm/nwfpe/softfloat-specialize')
-rw-r--r-- | arch/arm/nwfpe/softfloat-specialize | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm/nwfpe/softfloat-specialize b/arch/arm/nwfpe/softfloat-specialize index acf4091..d4a4c8e 100644 --- a/arch/arm/nwfpe/softfloat-specialize +++ b/arch/arm/nwfpe/softfloat-specialize @@ -332,6 +332,7 @@ static floatx80 commonNaNToFloatx80( commonNaNT a ) z.low = LIT64( 0xC000000000000000 ) | ( a.high>>1 ); z.high = ( ( (bits16) a.sign )<<15 ) | 0x7FFF; + z.__padding = 0; return z; } |