| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+TAncQVkW6ArfL6CfT_LCHVE-HUtW+0kq3+FK+1rK_Qg@mail.gmail.com> Date: Wed, 6 Apr 2016 14:27:38 -0700 From: Kees Cook <keescook@...omium.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Emrah Demir <ed@...sec.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Dan Rosenberg <dan.j.rosenberg@...il.com>, "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, Dave Jones <davej@...hat.com> Subject: Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file On Wed, Apr 6, 2016 at 2:19 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote: > On Wed, Apr 6, 2016 at 10:54 AM, Linus Torvalds > <torvalds@...ux-foundation.org> wrote: >> >> So I'd find a patch like the attached to be perfectly acceptable (in >> fact, we should have done this long ago). > > I just committed it, let's see if some odd program uses the iomem > data. I doubt it, and I always enjoy improvements that remove more > lines of code than they add. Hrm, okay. I still think just changing the perms would be less troublesome. Knowing where the kernel is in physical memory when debugging physical memory issues seems important to me. But, I have never actually used it since I prefer looking in kallsyms. :) -Kees -- Kees Cook Chrome OS & Brillo Security
Powered by blists - more mailing lists