| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 14 Aug 2007 22:42:02 +0200 From: Andi Kleen <andi@...stfloor.org> To: cra@....EDU Cc: wdc@....edu, linux-kernel@...r.kernel.org Subject: Re: vm86.c audit_syscall_exit() call trashes registers Chuck Anderson <cra@....EDU> writes: > > If I'm reading correctly, it appears that the code above trashes the > %fs and %gs registers, or otherwise doesn't leave them at zero before > returning from the system call as the old code did. Is this a correct > analysis? The kernel runs with defined fs -- saved and set at system call entry/exit -- and shouldn't touch gs (except on a context switch, but then it should be set back when you get scheduled again) It's in theory possible that something went wrong with the gs saving for the vm86 path, but this changed long 2.6.16. But I assume when you just remove the call in 2.6.16 it already works? If yes it cannot be that (2.6.16 didn't use either fs or gs in the kernel) > How should this be fixed? The problem first needs to be fully understood. Do you have more details on the corruption? One suspicious thing is that the audit code does mutex_lock(&tty_mutex) and could sleep there. It's a long shot, but does the problem go away when you comment that out? [such a patch is incorrect in theory, but should be unlikely enough to crash for a quick test] But actually sleeping should be ok here and a preemptible kernel could do it anyways. -Andi - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists