| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Oct 2011 13:42:24 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Andrea Arcangeli <aarcange@...hat.com> Cc: Hillf Danton <dhillf@...il.com>, LKML <linux-kernel@...r.kernel.org>, linux-mm@...ck.org Subject: Re: [PATCH] mm/huge_memory: Clean up typo when copying user highpage On Wed, 12 Oct 2011 19:51:48 +0200 Andrea Arcangeli <aarcange@...hat.com> wrote: > On Wed, Oct 12, 2011 at 10:39:36PM +0800, Hillf Danton wrote: > > Hi Andrea > > > > When copying user highpage, the PAGE_SHIFT in the third parameter is a typo, > > I think, and is replaced with PAGE_SIZE. > > That looks correct. I wonder how it was not noticed yet. Because it > can't go out of bound, it didn't risk to crash the kernel and it didn't > not risk to expose random data to the cowing task. So it shouldn't > have security implications as far as I can tell, but the app could > malfunction and crash (userland corruption only). Which architectures care about the copy_user_page() `vaddr' argument? mips, perhaps? I suspect the intersection between those architectures and archs-which-implement-hugepages is the empty set. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists