| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.20.1704101500280.2906@nanos>
Date: Mon, 10 Apr 2017 15:13:59 +0200 (CEST)
From: Thomas Gleixner <tglx@...utronix.de>
To: Mathias Krause <minipli@...glemail.com>
cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Roland McGrath <roland@...hat.com>
Subject: Re: [PATCH] x86/vdso: ensure vdso32_enabled gets set to valid values
only
On Wed, 5 Apr 2017, Mathias Krause wrote:
> @@ -62,13 +64,18 @@ int __init sysenter_setup(void)
> /* Register vsyscall32 into the ABI table */
> #include <linux/sysctl.h>
>
> +static const int zero;
> +static const int one = 1;
> +
> static struct ctl_table abi_table2[] = {
> {
> .procname = "vsyscall32",
> .data = &vdso32_enabled,
> .maxlen = sizeof(int),
> .mode = 0644,
> - .proc_handler = proc_dointvec
> + .proc_handler = proc_dointvec_minmax,
> + .extra1 = (int *)&zero,
> + .extra2 = (int *)&one,
This is still bustable. Let's start with: vdso32_enabled = false
arch_setup_additional_pages()
--> No mapping
sysctl.vsysscall32()
--> vdso32_enabled = true
create_elf_tables()
if (vdso32_enabled) {
--> Add VDSO entry with NULL pointer
The vdso map code needs to store a flag in current which can be checked in
ARCH_DLINFO_IA32.
Thanks,
tglx
Powered by blists - more mailing lists