| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BANLkTi=qBx0Mk=b2wsA3RZVKk0RUckeN6g@mail.gmail.com> Date: Wed, 8 Jun 2011 14:14:56 +0200 From: Mathias Krause <minipli@...glemail.com> To: Al Viro <viro@...iv.linux.org.uk> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, stable@...nel.org, Rusty Russell <rusty@...tcorp.com.au>, "David S. Miller" <davem@...emloft.net>, Chris Metcalf <cmetcalf@...era.com>, Chris Zankel <chris@...kel.net> Subject: Re: [PATCH] init: use KERNEL_DS when trying to start init process On Wed, Jun 8, 2011 at 12:47 PM, Al Viro <viro@...iv.linux.org.uk> wrote: > On Tue, Jun 07, 2011 at 07:00:24PM -0700, Linus Torvalds wrote: > >> That said, that commit (it's commit ID 4095b99c09e3d in tglx's tree) >> predates the "real" BK history too: it's part of the (limited) 2.4.x >> history that was imported from the release patches into BK at the >> beginning of the use of BK. So at that point we didn't do indivual >> commits, it's just the import of the v2.4.3.7 -> v2.4.3.8 patch. >> >> But yeah, it's old and crufty. And I agree that usually the correct >> fix is to remove the set_fs() calls entirely. > > I think these days its job is done by start_thread(), which is where we > switch to USER_DS; it's called by ->load_binary() when it decides it's past > the point of no return. However, it would be a good idea to verify that > all architectures do it there properly and we are not exposing a hole by > removal of this set_fs()... I've checked all implementations of start_thread() and found some candidates: SPARC, TILE and Xtensa don't call set_fs(USER_DS), albeit have different definitions for USER_DS and KERNEL_DS. So those might need fixing. I'm not familiar with those architectures, so someone else has to answer this. Score does not call set_fs(USER_DS) either but that's no problem because USER_DS has the same value as KERNEL_DS on this architecture. All others call set_fs(USER_DS) as almost the very first instruction in start_thread(), or, as for MIPS, do it by setting addr_limit directly. Generally, I think, we should get Acks for the questionable arch maintainers before commiting the patch that removes the call to set_fs() in search_binary_handler(). I've also checked all binary format handlers if they all call start_thread() and found a few that do not (binfmt_em86, binfmt_misc and binfmt_script). But those are just interpreter warppers, i.e. call search_binary_handler() in the end so should be safe. Mathias -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists