| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.20.1712082248260.2301@nanos>
Date: Fri, 8 Dec 2017 22:49:45 +0100 (CET)
From: Thomas Gleixner <tglx@...utronix.de>
To: Linus Torvalds <torvalds@...ux-foundation.org>
cc: Andy Lutomirski <luto@...nel.org>,
the arch/x86 maintainers <x86@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
Borislav Petkov <bp@...en8.de>,
Brian Gerst <brgerst@...il.com>,
David Laight <David.Laight@...lab.com>,
Kees Cook <keescook@...omium.org>,
Peter Zijlstra <peterz@...radead.org>
Subject: Re: x86/ldt: Prevent ldt inheritance on exec
On Fri, 8 Dec 2017, Linus Torvalds wrote:
> On Fri, Dec 8, 2017 at 12:02 PM, Thomas Gleixner <tglx@...utronix.de> wrote:
> >
> > The reason why this happens is that init_new_context_ldt() is called from
> > init_new_context() which obviously needs to be called for both fork() and
> > exec().
> >
> > It would be surprising if anything relies on that behaviour, so it seems to
> > be safe to remove that misfeature.
>
> Looks sane. That said, can't we separate this out into the copy_mm()
> phase only?
>
> We have "arch_dup_mmap()" that is called on fork() only, so that could
> do the LDT copy from the old mm, and the actual init_new_context would
> just zero it out.
>
> Then there wouldn't be any odd "check if this is an execve" because
> the copying would be done in the right place.
Yes, that should work. It just needs to change arch_dup_mmap() so it can
return an error code.
Thanks,
tglx
Powered by blists - more mailing lists