lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 May 2016 15:43:20 +0200 From: Michal Hocko <mhocko@...nel.org> To: Oleg Nesterov <oleg@...hat.com> Cc: Aleksa Sarai <asarai@...e.de>, LKML <linux-kernel@...r.kernel.org>, Martin Schwidefsky <schwidefsky@...ibm.com>, Heiko Carstens <heiko.carstens@...ibm.com>, linux-s390@...r.kernel.org, Ingo Molnar <mingo@...e.hu>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org Subject: [PATCH] s390: fix info leak in do_sigsegv OK, Martin would prefer a simple patch so here we go. --- >From de1ad037f3181e795ef0e66a61b8fbe1157f66cc Mon Sep 17 00:00:00 2001 From: Michal Hocko <mhocko@...e.com> Date: Mon, 23 May 2016 15:35:51 +0200 Subject: [PATCH] s390: fix info leak in do_sigsegv Aleksa has reported incorrect si_errno value when stracing task which received SIGSEGV: [pid 20799] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_errno=2510266, si_addr=0x100000000000000} The reason seems to be that do_sigsegv is not initializing siginfo structure defined on the stack completely so it will leak 4B of the previous stack content. Fix it simply by initializing si_errno to 0 (same as do_sigbus does already). Cc: stable # introduced pre-git times Reported-by: Aleksa Sarai <asarai@...e.de> Signed-off-by: Michal Hocko <mhocko@...e.com> --- arch/s390/mm/fault.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/s390/mm/fault.c b/arch/s390/mm/fault.c index 7a3144017301..19288c1b36d3 100644 --- a/arch/s390/mm/fault.c +++ b/arch/s390/mm/fault.c @@ -250,6 +250,7 @@ static noinline void do_sigsegv(struct pt_regs *regs, int si_code) report_user_fault(regs, SIGSEGV, 1); si.si_signo = SIGSEGV; + si.si_errno = 0; si.si_code = si_code; si.si_addr = (void __user *)(regs->int_parm_long & __FAIL_ADDR_MASK); force_sig_info(SIGSEGV, &si, current); -- 2.8.1 -- Michal Hocko SUSE Labs
Powered by blists - more mailing lists