| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 Feb 2009 14:19:31 -0800 (PST) From: Linus Torvalds <torvalds@...ux-foundation.org> To: Roland McGrath <roland@...hat.com> cc: Andrew Morton <akpm@...ux-foundation.org>, Gerald Schaefer <gerald.schaefer@...ibm.com>, linux-kernel@...r.kernel.org, schwidefsky@...ibm.com, heiko.carstens@...ibm.com Subject: Re: [BUG] binfmt_elf: get_user() called in vma_dump_size() after set_fs(KERNEL_DS) On Fri, 6 Feb 2009, Roland McGrath wrote: > > set_fs is quite cheap at least on most machines. So a pair of set_fs calls > around that get_user call doesn't seem so bad. OTOH, on the machines where > this actually matters at all (maybe just sparc, arm, s390?) it is > presumably (much?) more costly. But it seems like the best solution, and > certainly is straightforward. Yes, I suspect just surrounding the load with set_fs(USER_DS) and then set_fs(KERNEL_DS) to put it back is likely the right thing to do. The address is "safe" in that it does come from the vma, but we obviously do play games with things like the call gate mappings etc. Should we also perhaps do this only if the vma is marked readable and executable? That way we could avoid taking unnecessary faults there. Probably doesn't really matter. Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists