Date: Mon, 23 May 2016 16:47:46 +0200
From: Martin Schwidefsky
To: Michal Hocko
Cc: Oleg Nesterov, Aleksa Sarai, LKML, Heiko Carstens, linux-s390@vger.kernel.org, Ingo Molnar, Thomas Gleixner, "H. Peter Anvin", x86@kernel.org
Subject: Re: [PATCH] s390: fix info leak in do_sigsegv
Message-ID: <20160523164746.3cf77131@mschwide>
In-Reply-To: <20160523134318.GT2278@dhcp22.suse.cz>

On Mon, 23 May 2016 15:43:20 +0200 Michal Hocko wrote:
> OK, Martin would prefer a simple patch so here we go.
> ---
> From de1ad037f3181e795ef0e66a61b8fbe1157f66cc Mon Sep 17 00:00:00 2001
> From: Michal Hocko > Date: Mon, 23 May 2016 15:35:51 +0200 > Subject: [PATCH] s390: fix info leak in do_sigsegv > > Aleksa has reported incorrect si_errno value when stracing task which > received SIGSEGV: > [pid 20799] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_errno=2510266, si_addr=0x100000000000000} > > The reason seems to be that do_sigsegv is not initializing siginfo > structure defined on the stack completely so it will leak 4B of > the previous stack content. Fix it simply by initializing si_errno > to 0 (same as do_sigbus does already). > > Cc: stable # introduced pre-git times > Reported-by: Aleksa Sarai > Signed-off-by: Michal Hocko > --- > arch/s390/mm/fault.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/s390/mm/fault.c b/arch/s390/mm/fault.c > index 7a3144017301..19288c1b36d3 100644 > --- a/arch/s390/mm/fault.c > +++ b/arch/s390/mm/fault.c > @@ -250,6 +250,7 @@ static noinline void do_sigsegv(struct pt_regs *regs, int si_code) > > report_user_fault(regs, SIGSEGV, 1); > si.si_signo = SIGSEGV; > + si.si_errno = 0; > si.si_code = si_code; > si.si_addr = (void __user *)(regs->int_parm_long & __FAIL_ADDR_MASK); > force_sig_info(SIGSEGV, &si, current); Applied to linux-s390:fixes. Thanks. -- blue skies, Martin. "Reality continues to ruin my life." - Calvin.
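Review bot: in do_sigsegv the on-stack si is still filled in field by field (si_signo, si_errno, si_code, si_addr), so the added `si.si_errno = 0;` closes the 4-byte leak the commit message describes, but any other bytes of the structure that these four assignments do not cover, if there are any, would still reach force_sig_info with old stack content. Consider clearing the whole structure before the assignments, for example a memset of si to zero ahead of `si.si_signo = SIGSEGV;`, which would make the explicit si_errno line unnecessary and keep the function safe if the structure gains fields later. The commit message says do_sigbus already sets si_errno to 0; since the two paths drifted apart once, a short comment at both sites or a common helper for filling the structure would help keep them consistent.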