author | Jiamin Ma <jiamin.ma@amlogic.com> | 2019-04-28 10:15:19 (GMT) |
---|---|---|
committer | Jiamin Ma <jiamin.ma@amlogic.com> | 2019-04-28 10:22:15 (GMT) |
commit | 59be0f714fe24ed2cd2967163e2f51ab93046798 (patch) | |
tree | b3b1bad447acb72b288b832d01410da55faa2486 | |
parent | eb5593126836662fbc993c6a79251e0055af7010 (diff) | |
Security: fix sts testPocCVE_2016_6753 [1/1]
PD#SWPL-7852
Problem:
android.security.sts.Poc16_11#testPocCVE_2016_6753 fail
Solution:
do not expose kernel addr info via cgroup_css_links_read
Verify:
U200
Change-Id: I74e4904e8b662db9d6589a1926c62c87e12d6f6f
Signed-off-by: Jiamin Ma <jiamin.ma@amlogic.com>
-rw-r--r-- | kernel/cgroup.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 0feeaca..8ecb222 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -6600,7 +6600,15 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) struct task_struct *task; int count = 0; + /* + * Fix for android.security.sts.Poc16_11#testPocCVE_2016_6753 + * We should not expose kernel address info to user space + */ +#ifdef CONFIG_AMLOGIC_MODIFY + seq_puts(seq, "css_set (____ptrval____)\n"); +#else seq_printf(seq, "css_set %p\n", cset); +#endif list_for_each_entry(task, &cset->tasks, cg_list) { if (count++ > MAX_TASKS_SHOWN_PER_CSS) |
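Review bot: the `#ifdef CONFIG_AMLOGIC_MODIFY` guard in cgroup_css_links_read keeps `seq_printf(seq, "css_set %p\n", cset);` in the `#else` branch, so any build without that option still writes the css_set kernel address to the seq_file. The added comment says kernel address info should not reach user space at all, so consider dropping the conditional and making the masked output unconditional, or switching the format to `%pK` so the value follows kptr_restrict instead of hard-coding the "(____ptrval____)" string. The comment block would also read better if it stated the reason (address disclosure through this file) rather than leading with the STS test name, which belongs in the commit message.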