lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160523152921.11bf49d9@mschwide>
Date:	Mon, 23 May 2016 15:29:21 +0200
From:	Martin Schwidefsky <schwidefsky@...ibm.com>
To:	Michal Hocko <mhocko@...nel.org>
Cc:	Oleg Nesterov <oleg@...hat.com>, Aleksa Sarai <asarai@...e.de>,
	LKML <linux-kernel@...r.kernel.org>,
	Heiko Carstens <heiko.carstens@...ibm.com>,
	linux-s390@...r.kernel.org, Ingo Molnar <mingo@...e.hu>,
	Thomas Gleixner <tglx@...utronix.de>,
	"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: Re: siginfo memory leak?

On Mon, 23 May 2016 15:05:38 +0200
Michal Hocko <mhocko@...nel.org> wrote:

> On Mon 23-05-16 14:43:19, Martin Schwidefsky wrote:
> > On Mon, 23 May 2016 13:16:30 +0200
> [...]
> > > diff --git a/arch/s390/mm/fault.c b/arch/s390/mm/fault.c
> > > index 791a4146052c..41913fac14e4 100644
> > > --- a/arch/s390/mm/fault.c
> > > +++ b/arch/s390/mm/fault.c
> > > @@ -248,6 +248,7 @@ static noinline void do_sigsegv(struct pt_regs *regs, int si_code)
> > >  	si.si_signo = SIGSEGV;
> > >  	si.si_code = si_code;
> > >  	si.si_addr = (void __user *)(regs->int_parm_long & __FAIL_ADDR_MASK);
> > > +	si.si_errno = 0;
> > >  	force_sig_info(SIGSEGV, &si, current);
> > >  }
> > > 
> > 
> > The other for place where s390 calls force_sig_info are correct.
> > Only do_sigsegv misses the clear of si_errno.
> 
> I can send a full patch with the proper changelog but I am really
> wondering whether we can plug this in a more systematic way. If you
> prefer a small s390 specific I will do it right away though. Same
> applies to x86 one.

Why not fix the bug with a small patch and then provide the "big"
solution? A potential information leak is not good ..

-- 
blue skies,
   Martin.

"Reality continues to ruin my life." - Calvin.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ