| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1291997132.13513.12.camel@laptop>
Date: Fri, 10 Dec 2010 17:05:32 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: Dan Rosenberg <drosenberg@...curity.com>,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
netdev <netdev@...r.kernel.org>
Subject: Re: [PATCH] kptr_restrict for hiding kernel pointers from
unprivileged users
On Thu, 2010-12-09 at 04:23 +0100, Eric Dumazet wrote:
> > + if (kptr_restrict) {
> > + if (in_interrupt())
> > + WARN(1, "%%pK used in interrupt context.\n");
>
> So caller can not block BH ?
>
> This seems wrong to me, please consider :
>
> normal process context :
>
> spin_lock_bh() ...
>
> for (...)
> {xxx}printf( ... "%pK" ...)
>
> spin_unlock_bh();
That's a bug in in_interrupt(), one I've been pointing out for a long
while. Luckily we recently grew the infrastructure to deal with it.
If you write it as: if (in_irq() || in_serving_softirq() || in_nmi())
you'll not trigger for the above example.
Ideally in_serving_softirq() wouldn't exist and in_softirq() would do
what in_server_softirq() does -- which would make it symmetric with the
hardirq functions -- but nobody has found time to audit all in_softirq()
users.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists