lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <alpine.LNX.2.11.1407220739250.31021@titan.int.lan.stealer.net>
Date:	Tue, 22 Jul 2014 08:57:43 +0200 (CEST)
From:	Sven Wegener <sven.wegener@...aler.net>
To:	Andy Lutomirski <luto@...capital.net>
cc:	"H. Peter Anvin" <hpa@...or.com>,
	Richard Weinberger <richard@....at>, X86 ML <x86@...nel.org>,
	Eric Paris <eparis@...hat.com>,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Borislav Petkov <bp@...en8.de>,
	Toralf Förster <toralf.foerster@....de>,
	stable <stable@...r.kernel.org>,
	Roland McGrath <roland@...hat.com>,
	Josh Boyer <jwboyer@...oraproject.org>
Subject: Re: [PATCH] x86_32, entry: store badsys error code in %eax

On Mon, 21 Jul 2014, Andy Lutomirski wrote:

> On Sun, Jul 20, 2014 at 2:33 PM, Sven Wegener <sven.wegener@...aler.net> wrote:
> > Commit 554086d ("x86_32, entry: Do syscall exit work on badsys
> > (CVE-2014-4508)") introduced a subtle regression in the x86_32 syscall
> > entry code, resulting in syscall() not returning proper errors for
> > non-existing syscalls on CPUs not supporting the sysenter feature.
> 
> s/not supporting/supporting/

Looks like I mixed the sep vs. syscall CPU flag. Initially I encountered 
the issue on real hardware (Celeron) having the sep but not the syscall 
flag. During testing it worked on an emulated CPU missing the sep and 
having the syscall flag and broke on an emulated CPU having the sep and 
missing the syscall flag. I only looked at the syscall flag, which is 
completly invariant for this issue, and assumed it stands for sysenter 
support, completly ignoring the sep flag.

Sven
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ