On Fri, 18 May 2018 18:27:39 +0200 Oleg Nesterov <o...@redhat.com> wrote:
> insn_get_length() has the side-effect of processing the entire instruction
> but only if it was decoded successfully, otherwise insn_complete() can fail
> and in this case we need to just return an error without warning.
>

This looks good to me.

Reviewed-by: Masami Hiramatsu <mhira...@kernel.org>

Thanks!

> Reported-by: syzbot+30d675e3ca03c1c35...@syzkaller.appspotmail.com
> Signed-off-by: Oleg Nesterov <o...@redhat.com>
> ---
>  arch/x86/kernel/uprobes.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
> index 85c7ef2..efd7ee9 100644
> --- a/arch/x86/kernel/uprobes.c
> +++ b/arch/x86/kernel/uprobes.c
> @@ -293,7 +293,7 @@ static int uprobe_init_insn(struct arch_uprobe *auprobe,
> struct insn *insn, bool
>  	insn_init(insn, auprobe->insn, sizeof(auprobe->insn), x86_64);
>  	/* has the side-effect of processing the entire instruction */
>  	insn_get_length(insn);
> -	if (WARN_ON_ONCE(!insn_complete(insn)))
> +	if (!insn_complete(insn))
>  		return -ENOEXEC;
>  
>  	if (is_prefix_bad(insn))
> --
> 2.5.0
>
>


-- 
Masami Hiramatsu <mhira...@kernel.org>
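Review bot: the comment directly above insn_get_length() in this hunk, "/* has the side-effect of processing the entire instruction */", is now misleading: the commit message says that side effect only holds when the bytes decoded successfully, and the hunk turns the incomplete case into a normal error return. Suggest amending it to state the precondition, e.g. "/* has the side-effect of processing the entire instruction, but only if it decodes; check insn_complete() */", so the next reader does not reintroduce WARN_ON_ONCE(). Returning plain -ENOEXEC is the right behaviour here: auprobe->insn holds bytes copied from the probed process's own text, so an undecodable instruction is user-triggerable (as the syzbot report shows) rather than a violated kernel invariant, and a WARN on that path would let any unprivileged process spam the log or, with panic_on_warn, crash the machine.

The decode-then-check pattern the commit message describes, as an added example that is not part of the original thread or of the kernel: the real x86 decoder in arch/x86/lib/insn.c is not available as a stand-alone library, so this is a toy model (all toy_* names, the 16-byte TOY_MAX_UINSN_BYTES limit and the small opcode subset are assumptions made for the example). It reproduces the property that matters: the length pass marks the instruction complete only if every stage succeeded, and the caller treats an incomplete decode as an ordinary -ENOEXEC, never as a WARN, because the bytes come from user space.

```c
/* Toy model of the decode-then-check pattern from uprobe_init_insn().
 * Constructed example, not kernel code: arch/x86/lib/insn.c handles the
 * full ISA; this model knows a handful of opcodes so the complete and
 * incomplete states can be exercised offline. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TOY_MAX_UINSN_BYTES 16   /* assumption: same 16-byte limit as auprobe->insn */

struct toy_insn {
	const uint8_t *kaddr;   /* bytes being decoded */
	size_t buflen;          /* how many of them are readable */
	int length;             /* total length, valid only once length_done is set */
	int opcode_done;        /* stage flags, in the spirit of insn->opcode.got */
	int length_done;
};

static void toy_insn_init(struct toy_insn *insn, const uint8_t *buf, size_t len)
{
	memset(insn, 0, sizeof(*insn));
	insn->kaddr = buf;
	insn->buflen = len;
}

/* Like insn_get_length(): walks prefixes, opcode and immediate, and marks
 * the instruction complete only if every stage succeeded.  An unknown
 * opcode or a buffer that ends mid-instruction leaves length_done == 0. */
static void toy_insn_get_length(struct toy_insn *insn)
{
	size_t pos = 0, imm = 0;
	int opsize16 = 0;
	uint8_t op;

	while (pos < insn->buflen) {
		uint8_t b = insn->kaddr[pos];
		if (b == 0x66) {                              /* operand-size override */
			opsize16 = 1; pos++;
		} else if (b == 0xf0 || b == 0xf2 || b == 0xf3 ||    /* lock/rep */
			   b == 0x26 || b == 0x2e || b == 0x36 || b == 0x3e ||
			   b == 0x64 || b == 0x65 || b == 0x67) {    /* segment/addr-size */
			pos++;
		} else if ((b & 0xf0) == 0x40) {              /* REX: last prefix before opcode */
			pos++; break;
		} else {
			break;
		}
	}
	if (pos >= insn->buflen)
		return;                                       /* truncated: no opcode byte */

	op = insn->kaddr[pos++];
	insn->opcode_done = 1;
	if (op == 0x90 || op == 0xc3 || op == 0xcc || (op >= 0x50 && op <= 0x5f))
		imm = 0;                                      /* nop, ret, int3, push/pop reg */
	else if (op == 0xeb)
		imm = 1;                                      /* jmp rel8 */
	else if (op == 0xe8 || op == 0xe9)
		imm = 4;                                      /* call/jmp rel32 */
	else if (op >= 0xb8 && op <= 0xbf)
		imm = opsize16 ? 2 : 4;                       /* mov r16/r32, imm */
	else
		return;                                       /* not modelled: stays incomplete */

	if (pos + imm > insn->buflen)
		return;                                       /* truncated immediate */
	insn->length = (int)(pos + imm);
	insn->length_done = 1;
}

static int toy_insn_complete(const struct toy_insn *insn)
{
	return insn->opcode_done && insn->length_done;
}

/* Mirrors the fixed uprobe_init_insn(): an undecodable instruction is an
 * ordinary -ENOEXEC for the caller, not a WARN, because the bytes were read
 * from user-controlled text and any process can place garbage there. */
static int toy_uprobe_init_insn(struct toy_insn *insn, const uint8_t *bytes, size_t n)
{
	if (n > TOY_MAX_UINSN_BYTES)
		n = TOY_MAX_UINSN_BYTES;
	toy_insn_init(insn, bytes, n);
	toy_insn_get_length(insn);   /* side effect: decodes the whole insn, if it can */
	if (!toy_insn_complete(insn))
		return -ENOEXEC;
	return 0;
}

/* Instruction length on success, -ENOEXEC on a failed decode. */
static int toy_decode_len(const uint8_t *bytes, size_t n)
{
	struct toy_insn insn;
	int err = toy_uprobe_init_insn(&insn, bytes, n);
	return err ? err : insn.length;
}

/* Constructed inputs: valid encodings plus the kinds of garbage a fuzzer
 * can leave at a probed user address. */
static const uint8_t toy_mov_eax[]   = { 0xb8, 0x2a, 0x00, 0x00, 0x00 };  /* mov eax,42 */
static const uint8_t toy_mov_ax[]    = { 0x66, 0xb8, 0x2a, 0x00 };        /* mov ax,42 */
static const uint8_t toy_pop_r11[]   = { 0x41, 0x5b };                    /* pop r11 */
static const uint8_t toy_ud2[]       = { 0x0f, 0x0b };                    /* not modelled */
static const uint8_t toy_trunc_mov[] = { 0xb8, 0x2a, 0x00 };              /* cut short */
static const uint8_t toy_lone_pfx[]  = { 0x66 };                          /* prefix only */

int main(void)
{
	printf("mov eax,42   -> %d\n", toy_decode_len(toy_mov_eax, sizeof toy_mov_eax));
	printf("mov ax,42    -> %d\n", toy_decode_len(toy_mov_ax, sizeof toy_mov_ax));
	printf("pop r11      -> %d\n", toy_decode_len(toy_pop_r11, sizeof toy_pop_r11));
	printf("ud2          -> %d\n", toy_decode_len(toy_ud2, sizeof toy_ud2));
	printf("truncated    -> %d\n", toy_decode_len(toy_trunc_mov, sizeof toy_trunc_mov));
	printf("lone prefix  -> %d\n", toy_decode_len(toy_lone_pfx, sizeof toy_lone_pfx));
	return 0;
}
```

The point of the split between toy_insn_get_length() and toy_insn_complete() is the same as in the kernel: the length pass is allowed to stop early on bad input and leave the stage flags unset, and the caller must consult the completion flag rather than assume the side effect happened. Because the inputs are attacker-controlled, the failure branch is an error code and not an assertion.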