lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Sep 2015 10:25:52 -0700 From: Andy Lutomirski <luto@...capital.net> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, stable <stable@...r.kernel.org>, Andy Lutomirski <luto@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Borislav Petkov <bp@...e.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Peter Zijlstra <peterz@...radead.org>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...nel.org> Subject: Re: [PATCH 3.14 79/84] x86/nmi/64: Switch stacks on userspace NMI entry On Tue, Sep 29, 2015 at 8:19 AM, Greg Kroah-Hartman <gregkh@...uxfoundation.org> wrote: > 3.14-stable review patch. If anyone has any objections, please let me know. > > ------------------ > > From: Andy Lutomirski <luto@...nel.org> > > commit 9b6e6a8334d56354853f9c255d1395c2ba570e0a upstream. > > Returning to userspace is tricky: IRET can fail, and ESPFIX can > rearrange the stack prior to IRET. Just a heads up: under very strange circumstances (most likely requires booting with paravirt-noreplace, which is hopefully only used by Sasha), this causes a regression that's fixed by 83c133cf11fb0e68a51681447e372489f052d40e. I'm not 100% sure that the regression is observable at all, because the same strange configuration may also hit the bug fixed by fc57a7c68020dcf954428869eafd934c0ab1536f before the regression can trigger. Anyway, you've been warned. I wouldn't worry too much about it, though. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists