[PATCH openEuler-1.0-LTS] livepatch/x86: Fix incorrect use of 'strncpy'
From: Zheng Yejian <zhengyejian1@huawei.com> hulk inclusion category: bugfix bugzilla: 186253, https://gitee.com/openeuler/kernel/issues/I4TYA9 CVE: NA ----------------------------------------------- Refer to following codes, 'strncpy' would stop copying if Null character encountered. For example, when 'code' is "53 be 00 0a 05", 'old_code' would be "53 be 00 00 00". > 276 static unsigned char *klp_old_code(unsigned char *code) > 277 { > 278 static union klp_code_union old_code; > 279 > 280 strncpy(old_code.code, code, JMP_E9_INSN_SIZE); > 281 return old_code.code; > 282 } As a result, the instructions cannot be restored completely, and the system becomes abnormal. Fixes: 7e2ab91ea076 ("livepatch/x86: support livepatch without ftrace") Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Reviewed-by: Kuohai Xu <xukuohai@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> --- arch/x86/kernel/livepatch.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/livepatch.c b/arch/x86/kernel/livepatch.c index 0e118adf14087..785bba03b77fa 100644 --- a/arch/x86/kernel/livepatch.c +++ b/arch/x86/kernel/livepatch.c @@ -277,7 +277,7 @@ static unsigned char *klp_old_code(unsigned char *code) { static union klp_code_union old_code; - strncpy(old_code.code, code, JMP_E9_INSN_SIZE); + memcpy(old_code.code, code, JMP_E9_INSN_SIZE); return old_code.code; } -- 2.25.1
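Review bot: In klp_old_code(), the memcpy() still writes into the function-local `static union klp_code_union old_code` and returns a pointer to it, so every caller shares one buffer. A second call overwrites the bytes an earlier caller may still be reading, and the hunk shows no locking around the copy. Consider having the caller pass in the destination buffer, or add a comment above the function naming what serializes its callers. Since `code` is only read, it could also be declared `const unsigned char *`, and a short comment stating that the buffer holds raw instruction bytes rather than a C string would help keep a string function from being reintroduced here.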