CVE-2023-54232

In the Linux kernel, the following vulnerability has been resolved:

m68k: Only force 030 bus error if PC not in exception table

_getkernelnofault() does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrqtrigger. This is expected cause a bus error exception on e.g. NULL pointer dereferencing when logging a kernel task has no workqueue associated. This bus error ought to be ignored.

Our 030 bus error handler is ill equipped to deal with this:

Whenever ssw indicates a kernel mode access on a data fault, we don't even attempt to handle the fault and instead always send a SEGV signal (or panic). As a result, the check for exception handling at the fault PC (buried in sendsigfault() which gets called from dopagefault() eventually) is never used.

In contrast, both 040 and 060 access error handlers do not care whether a fault happened on supervisor mode access, and will call dopagefault() on those, ultimately honoring the exception table.

Add a check in buserror030 to call dopage_fault() in case we do have an entry for the fault PC in our exception table.

I had attempted a fix for this earlier in 2019 that did rely on testing pagefault_disabled() (see link below) to achieve the same thing, but this patch should be more generic.

Tested on 030 Atari Falcon.