| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200529093534.GE790247@gmail.com>
Date: Fri, 29 May 2020 11:35:34 +0200
From: Ingo Molnar <mingo@...nel.org>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
linux-kernel@...r.kernel.org, x86@...nel.org
Subject: Re: [git pull] coredump infoleak fix
* Al Viro <viro@...iv.linux.org.uk> wrote:
> IOW, copy_xstate_to_kernel()/copy_xstate_to_user() needs not only to map
> from compacted format to standard one; it also needs to compensate for
> that "we might skip saving the components that are in init state; we'll
> report which ones got skipped by way of ->header.xfeatures" thing.
>
> Again, those leaked uninit chunks are *not* in the same places for all
> threads. Without any overflows, etc. involved. And at least for
> the set 0 (x87 registers) the init state is not all-zeroes, so blanket
> memset() done first is not going to give the right results.
I'm not arguing against your fix (at all!) and I'll pull it in for
v5.8 if Linus doesn't beat me to it.
I was arguing:
>> shouldn't we also zero-initialize the dump data
with emphasis on the 'also'. :-)
To me the biggest practical fail here was the exposure of genuinely
uninitialized data - not that the dumped information might not be a
100% semantically correct FPU dump.
[ Unless I'm missing some non-coredump aspect of all this (such as the
wrong saving done in signal handling context for example?), which is
always a possibility. ]
Thanks,
Ingo
Powered by blists - more mailing lists