lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 20 Oct 2009 08:14:15 +0200
From:	Ingo Molnar <mingo@...e.hu>
To:	Jan Beulich <JBeulich@...ell.com>
Cc:	tglx@...utronix.de, hpa@...or.com, stable@...nel.org,
	linux-kernel@...r.kernel.org
Subject: Re: Withdraw: [PATCH] x86-64: fix another kernel data leak to
	32-bit processes


* Jan Beulich <JBeulich@...ell.com> wrote:

> >Unfortunately I didn't realize that the other instances of branches 
> >to int_ret_from_sys_call also need fixing when preparing the previous 
> >similar patch. The issue fixed here was in fact introduced by an 
> >earlier patch of mine (295286a89107c353b9677bc604361c537fd6a1c0, i.e. 
> >in 2.6.28, but through stable now also present in 2.6.27), making 
> >kernel stack contents potentially visible through R8...R11 when an 
> >this or earlier syscall got interrupted prior to the handler being 
> >able to decrement the stack pointer (such that the space normally 
> >used by those registers within pt_regs would get overwritten by the 
> >interrupt handler stub).
> 
> That analysis wasn't right after all - there's a CLEAR_RREGS in each 
> of the modified paths already, so the change is unnecessary (and 
> adding redundant code). Please don't apply it.
> 
> >While touching the code, I also swapped the branch pairs so that the 
> >static branch prediction logic would consider the syscall-number-in- 
> >range case the taken path.
> 
> If this would seem a worthwhile change, I can re-send it as a 
> separate, lower priority patch...

Please do - thanks!

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ