mirror of
https://github.com/FEX-Emu/linux.git
synced 2024-12-23 09:56:00 +00:00
6ea65ff79c
The segment register slots in struct pt_regs are padded to 32 bits. Some of these are stored with instructions like "pushl %es", which leaves the high 16 bits as they were. So the high bits of these fields in struct pt_regs contain kernel stack garbage. These bits are ignored by everything and never leak to user space, except in core dumps. The user struct pt_regs is always at the base of the thread's kernel stack and so it seems unlikely the information that leaks from here is ever worthwhile so as to be a security concern, but I'm not sure about that. It has been this way for ages; userland consumers of core dumps all mask off these high bits themselves. So it is not urgent. This change masks off the padding bits of the segment register slots in core dumps. ptrace already masks off these high bits, so this makes the values in core dumps consistent with what ptrace would report just before the process died. As I read the processor manuals, the cs and ss values will always be padded with zero bits rather than stack garbage. But unlike "pushl %es", this is not simple to test with a userland program. So I added the two instructions rather than wonder if they are really never necessary. I think that x86_64 does not have this problem (for either 32-bit or 64-bit processes). It only uses "mov" instructions from segment registers, which zero-extend. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|---|---|---|
| .. | ||
| mach-bigsmp | ||
| mach-default | ||
| mach-es7000 | ||
| mach-generic | ||
| mach-numaq | ||
| mach-summit | ||
| mach-visws | ||
| mach-voyager | ||
| 8253pit.h | ||
| a.out.h | ||
| acpi.h | ||
| agp.h | ||
| alternative-asm.i | ||
| alternative.h | ||
| apic.h | ||
| apicdef.h | ||
| arch_hooks.h | ||
| atomic.h | ||
| auxvec.h | ||
| bitops.h | ||
| boot.h | ||
| bug.h | ||
| bugs.h | ||
| byteorder.h | ||
| cache.h | ||
| cacheflush.h | ||
| checksum.h | ||
| cpu.h | ||
| cpufeature.h | ||
| cputime.h | ||
| current.h | ||
| debugreg.h | ||
| delay.h | ||
| desc.h | ||
| device.h | ||
| div64.h | ||
| dma-mapping.h | ||
| dma.h | ||
| dmi.h | ||
| dwarf2.h | ||
| e820.h | ||
| edac.h | ||
| elf.h | ||
| emergency-restart.h | ||
| errno.h | ||
| fcntl.h | ||
| fixmap.h | ||
| floppy.h | ||
| frame.i | ||
| futex.h | ||
| genapic.h | ||
| hardirq.h | ||
| highmem.h | ||
| hpet.h | ||
| hw_irq.h | ||
| hypertransport.h | ||
| i387.h | ||
| i8253.h | ||
| i8259.h | ||
| ide.h | ||
| intel_arch_perfmon.h | ||
| io_apic.h | ||
| io.h | ||
| ioctl.h | ||
| ioctls.h | ||
| ipc.h | ||
| ipcbuf.h | ||
| irq_regs.h | ||
| irq.h | ||
| irqflags.h | ||
| ist.h | ||
| k8.h | ||
| Kbuild | ||
| kdebug.h | ||
| kexec.h | ||
| kmap_types.h | ||
| kprobes.h | ||
| ldt.h | ||
| linkage.h | ||
| local.h | ||
| math_emu.h | ||
| mc146818rtc.h | ||
| mca_dma.h | ||
| mca.h | ||
| mce.h | ||
| mman.h | ||
| mmu_context.h | ||
| mmu.h | ||
| mmx.h | ||
| mmzone.h | ||
| module.h | ||
| mpspec_def.h | ||
| mpspec.h | ||
| msgbuf.h | ||
| msidef.h | ||
| msr.h | ||
| mtrr.h | ||
| mutex.h | ||
| namei.h | ||
| nmi.h | ||
| numa.h | ||
| numaq.h | ||
| page.h | ||
| param.h | ||
| paravirt.h | ||
| parport.h | ||
| pci-direct.h | ||
| pci.h | ||
| pda.h | ||
| percpu.h | ||
| pgalloc.h | ||
| pgtable-2level-defs.h | ||
| pgtable-2level.h | ||
| pgtable-3level-defs.h | ||
| pgtable-3level.h | ||
| pgtable.h | ||
| poll.h | ||
| posix_types.h | ||
| processor.h | ||
| ptrace-abi.h | ||
| ptrace.h | ||
| resource.h | ||
| rtc.h | ||
| rwlock.h | ||
| rwsem.h | ||
| scatterlist.h | ||
| seccomp.h | ||
| sections.h | ||
| segment.h | ||
| semaphore.h | ||
| sembuf.h | ||
| serial.h | ||
| setup.h | ||
| shmbuf.h | ||
| shmparam.h | ||
| sigcontext.h | ||
| siginfo.h | ||
| signal.h | ||
| smp.h | ||
| socket.h | ||
| sockios.h | ||
| sparsemem.h | ||
| spinlock_types.h | ||
| spinlock.h | ||
| srat.h | ||
| stacktrace.h | ||
| stat.h | ||
| statfs.h | ||
| string.h | ||
| suspend.h | ||
| sync_bitops.h | ||
| system.h | ||
| termbits.h | ||
| termios.h | ||
| therm_throt.h | ||
| thread_info.h | ||
| time.h | ||
| timer.h | ||
| timex.h | ||
| tlb.h | ||
| tlbflush.h | ||
| topology.h | ||
| tsc.h | ||
| types.h | ||
| uaccess.h | ||
| ucontext.h | ||
| unaligned.h | ||
| unistd.h | ||
| unwind.h | ||
| user.h | ||
| vga.h | ||
| vic.h | ||
| vm86.h | ||
| vmi_time.h | ||
| vmi.h | ||
| voyager.h | ||
| xor.h | ||