From: Ingo Molnar <mingo@kernel.org>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, x86@kernel.org
Subject: Re: [git pull] coredump infoleak fix
Date: Fri, 29 May 2020 11:35:34 +0200
Message-ID: <20200529093534.GE790247@gmail.com>
In-Reply-To: <20200528125022.GK23230@ZenIV.linux.org.uk>

* Al Viro <viro@zeniv.linux.org.uk> wrote:

> IOW, copy_xstate_to_kernel()/copy_xstate_to_user() needs not only to map
> from compacted format to standard one; it also needs to compensate for
> that "we might skip saving the components that are in init state; we'll
> report which ones got skipped by way of ->header.xfeatures" thing.
>
> Again, those leaked uninit chunks are *not* in the same places for all
> threads. Without any overflows, etc. involved. And at least for
> the set 0 (x87 registers) the init state is not all-zeroes, so blanket
> memset() done first is not going to give the right results.

I'm not arguing against your fix (at all!) and I'll pull it in for
v5.8 if Linus doesn't beat me to it.

I was arguing:

>> shouldn't we also zero-initialize the dump data

with emphasis on the 'also'. :-)

To me the biggest practical fail here was the exposure of genuinely
uninitialized data - not that the dumped information might not be a
100% semantically correct FPU dump.

[ Unless I'm missing some non-coredump aspect of all this (such as the
wrong saving done in signal handling context for example?), which is
always a possibility. ]

Thanks,

Ingo
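
The distinction discussed in this message, as an added illustration that is not code from the thread or from the kernel: a toy three-component state buffer dumped three ways, showing that a blanket memset() keeps stale bytes out of the dump but still reports a zero x87 control word instead of the init value 0x037F. The layout and the names `toy_xstate`, `copy_out` and `dump` are hypothetical and do not match the real XSAVE format.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, NOT the real XSAVE layout: three fixed-size components. */
enum { NCOMP = 3, CSIZE = 16, STALE = 0xAA, X87_INIT_FCW = 0x037F };
enum mode { NAIVE, ZERO_FIRST, INIT_AWARE };

struct toy_xstate {
    uint64_t xfeatures;          /* bit i set: component i was saved */
    uint8_t  comp[NCOMP][CSIZE]; /* bit i clear: comp[i] was never written */
};

/* Copy the state out for a dump, using one of the three strategies. */
void copy_out(const struct toy_xstate *s, uint8_t *dst, enum mode m)
{
    memset(dst, 0, NCOMP * CSIZE);      /* the "also zero-initialize" step */
    for (int i = 0; i < NCOMP; i++)     /* NAIVE copies skipped components too */
        if (m == NAIVE || (s->xfeatures & (1ULL << i)))
            memcpy(dst + i * CSIZE, s->comp[i], CSIZE);
    if (m == INIT_AWARE && !(s->xfeatures & 1)) {
        dst[0] = X87_INIT_FCW & 0xff;   /* x87 init control word: non-zero */
        dst[1] = X87_INIT_FCW >> 8;
    }
}

struct result { int leaked; unsigned fcw; };

/* Dump a constructed sample: only component 1 saved, 0 and 2 hold stale bytes. */
struct result dump(enum mode m)
{
    struct toy_xstate s = { .xfeatures = 1ULL << 1 };
    uint8_t dst[NCOMP * CSIZE];
    struct result r = { 0, 0 };
    memset(s.comp, STALE, sizeof(s.comp));
    memset(s.comp[1], 0x11, CSIZE);
    copy_out(&s, dst, m);
    for (int i = 0; i < NCOMP * CSIZE; i++)
        r.leaked += dst[i] == STALE;    /* stale bytes that reached the dump */
    r.fcw = dst[0] | dst[1] << 8;       /* control word as the dump reports it */
    return r;
}

int main(void)
{
    for (int m = NAIVE; m <= INIT_AWARE; m++)
        printf("mode %d: leaked=%d fcw=0x%04x\n", m, dump(m).leaked, dump(m).fcw);
    return 0;
}
```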