| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Sep 2019 18:58:39 +0100
From: Eugene Syromiatnikov <esyr@...hat.com>
To: linux-kernel@...r.kernel.org,
Christian Brauner <christian@...uner.io>,
Oleg Nesterov <oleg@...hat.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
"Dmitry V. Levin" <ldv@...linux.org>,
Eric Biederman <ebiederm@...ssion.com>
Subject: [PATCH v2] fork: check exit_signal passed in clone3() call
Hello.
After some consideration, I've decided to utilise Oleg's proposal[1]
"(args.exit_signal & ~((u64)CSIGNAL))" as a check. I still don't like
it, as it mixes argument copy check (I'm not sure if it's ever needed,
however, as I'm not sure if there's a reason for exit_signal field
of struct kernel_clone_args to have int type) with argument sanity
check; moreover, it covers only clone3 case, and the code in
copy_process is still error-prone in the long run. Ideally, the check
should be somewhere in the one place, but as of now this one place
is likely _do_fork, but it's kinda weir to have argument check there
as of now.
Changes since v1[2]:
- Check changed to comparison against negated CSIGNAL to address
the bug reported by Oleg[3].
- Added a comment to _do_fork that exit_signal has to be checked
by the caller.
[1] https://lkml.org/lkml/2019/9/10/581
[2] https://lkml.org/lkml/2019/9/10/411
[3] https://lkml.org/lkml/2019/9/10/467
Eugene Syromiatnikov (1):
fork: check exit_signal passed in clone3() call
kernel/fork.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
--
2.1.4
Powered by blists - more mailing lists