VM/Security: add security hook to do_brk
Given a specifically crafted binary do_brk() can be used to get low pages available in userspace virtually memory and can thus be used to circumvent the mmap_min_addr low memory protection. Add security checks in do_brk(). Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Alan Cox <alan@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
7cd94146cd
commit
5a211a5dea
@ -1941,6 +1941,10 @@ unsigned long do_brk(unsigned long addr, unsigned long len)
|
||||
if (is_hugepage_only_range(mm, addr, len))
|
||||
return -EINVAL;
|
||||
|
||||
error = security_file_mmap(0, 0, 0, 0, addr, 1);
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags;
|
||||
|
||||
error = arch_mmap_check(addr, len, flags);
|
||||
|
Loading…
Reference in New Issue
Block a user