| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Jan 2015 15:24:52 -0800 From: Andy Lutomirski <luto@...capital.net> To: Dave Hansen <dave.hansen@...ux.intel.com> Cc: Andi Kleen <andi@...stfloor.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [PATCH 3.19 3/3] x86, mpx: Change the MPX enable/disable API to arch_prctl On Wed, Jan 7, 2015 at 3:18 PM, Dave Hansen <dave.hansen@...ux.intel.com> wrote: > On 01/05/2015 03:04 PM, Andy Lutomirski wrote: >> Anyway, if it's actually a problem to change it, I have no real >> problem keeping it, but I think we *really* need to validate the rest >> of the arguments at the very least. > > If we "validate" the arguments like you suggested, then a call like this: > > prctl(PR_MPX_DISABLE_MANAGEMENT); > > ends up returning -EINVAL: > >> prctl(0x2b /* PR_??? */, 0x7fffffd3, 0x7f360955e9e0, 0x2c, 0x7f3609314840) = -1 EINVAL (Invalid argument) > > A quick grep through ltp and some other source I have laying around does > *not* show folks adding 0's to these calls for "empty" arguments. Is > this really something we want to do? > > prctl(PR_MPX_DISABLE_MANAGEMENT, 0, 0, 0, 0); Yes, because we might want to do prctl(PR_MPX_ENABLE_MANAGEMENT, x, y, z, 0) some day. --Andy -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists