| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20101101171937.GA4484@amt.cnet> Date: Mon, 1 Nov 2010 15:19:37 -0200 From: Marcelo Tosatti <mtosatti@...hat.com> To: Vasiliy Kulikov <segooon@...il.com> Cc: Jan Kiszka <jan.kiszka@....de>, kernel-janitors@...r.kernel.org, Avi Kivity <avi@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [patch v2] x86: kvm: x86: fix information leak to userland On Sat, Oct 30, 2010 at 10:54:47PM +0400, Vasiliy Kulikov wrote: > Structures kvm_vcpu_events, kvm_debugregs, kvm_pit_state2 and > kvm_clock_data are copied to userland with some padding and reserved > fields unitialized. It leads to leaking of contents of kernel stack > memory. We have to initialize them to zero. > > In patch v1 Jan Kiszka suggested to fill reserved fields with zeros > instead of memset'ting the whole struct. It makes sense as these > fields are explicitly marked as padding. No more fields need zeroing. > > Signed-off-by: Vasiliy Kulikov <segooon@...il.com> > --- > Compile tesed only. > > arch/x86/kvm/x86.c | 6 ++++++ > 1 files changed, 6 insertions(+), 0 deletions(-) Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists