| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150630110645.GB25988@gmail.com> Date: Tue, 30 Jun 2015 13:06:46 +0200 From: Ingo Molnar <mingo@...nel.org> To: Borislav Petkov <bp@...en8.de> Cc: Andy Lutomirski <luto@...nel.org>, x86@...nel.org, linux-kernel@...r.kernel.org, Frédéric Weisbecker <fweisbec@...il.com>, Rik van Riel <riel@...hat.com>, Oleg Nesterov <oleg@...hat.com>, Denys Vlasenko <vda.linux@...glemail.com>, Kees Cook <keescook@...omium.org>, Brian Gerst <brgerst@...il.com>, paulmck@...ux.vnet.ibm.com Subject: Re: [PATCH v4 02/17] x86/entry/64/compat: Fix bad fast syscall arg failure path * Borislav Petkov <bp@...en8.de> wrote: > On Mon, Jun 29, 2015 at 12:33:34PM -0700, Andy Lutomirski wrote: > > diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S > > index bb187a6a877c..efe0b1e499fa 100644 > > --- a/arch/x86/entry/entry_64_compat.S > > +++ b/arch/x86/entry/entry_64_compat.S > > @@ -425,8 +425,39 @@ cstar_tracesys: > > END(entry_SYSCALL_compat) > > > > ia32_badarg: > > - ASM_CLAC > > - movq $-EFAULT, RAX(%rsp) > > + /* > > + * So far, we've entered kernel mode, set AC, turned on IRQs, and > > + * saved C regs except r8-r11. We haven't done any of the other > > + * standard entry work, though. We want to bail, but we shouldn't > > + * treat this as a syscall entry since we don't even know what the > > + * args are. Instead, treat this as a non-syscall entry, finish > > + * the entry work, and immediately exit after setting AX = -EFAULT. > > + * > > + * We're really just being polite here. Killing the task outright > > + * would be a reasonable action, too. Given that the only valid > > + * way to have gotten here is through the vDSO, and we already know > > + * that the stack pointer is bad, the task isn't going to survive > > + * for long no matter what we do. > > You mean something like > > force_sig_info(SIGSEGV, &si, current); > > ? We should also emit a warning message, even if user-space installed a 'special' sigfault handler to hide such failures. (I'm looking at you systemd!) Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists