On Thu, 2017-09-21 at 11:52 -0700, Eric Biggers wrote: > From: Eric Biggers <[email protected]> > > Move validation of user-supplied xstate_headers into a helper > function > and call it from both the ptrace and sigreturn syscall paths. The > new > function also considers it to be an error if *any* reserved bits are > set, whereas before we were just clearing most of them. > > This should reduce the chance of bugs that fail to correctly validate > user-supplied XSAVE areas. It also will expose any broken userspace > programs that set the other reserved bits; this is desirable because > such programs will lose compatibility with future CPUs and kernels if > those bits are ever used for anything. (There shouldn't be any such > programs, and in fact in the case where the compacted format is in > use > we were already validating xfeatures. But you never know...) > > Reviewed-by: Kees Cook <[email protected]> > Acked-by: Dave Hansen <[email protected]> > Cc: Andy Lutomirski <[email protected]> > Cc: Dmitry Vyukov <[email protected]> > Cc: Fenghua Yu <[email protected]> > Cc: Ingo Molnar <[email protected]> > Cc: Kevin Hao <[email protected]> > Cc: Oleg Nesterov <[email protected]> > Cc: Wanpeng Li <[email protected]> > Cc: Yu-cheng Yu <[email protected]> > Signed-off-by: Eric Biggers <[email protected]> > Reviewed-by: Rik van Riel <[email protected]>
-- All rights reversed
signature.asc
Description: This is a digitally signed message part
