diff options
| author | Andy Lutomirski <luto@kernel.org> | 2017-08-01 07:11:34 -0700 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2017-08-10 17:15:13 +0200 |
| commit | 767d035d838f4fd6b5a5bbd7a3f6d293b7f65a49 (patch) | |
| tree | 04a5a48615adfd05d7a7be426f8367aa3c67700a /mm/Kconfig.debug | |
| parent | af79ded44b7c5eee46b433a9269fcf899372225b (diff) | |
x86/fsgsbase/64: Fully initialize FS and GS state in start_thread_common
execve used to leak FSBASE and GSBASE on AMD CPUs. Fix it.
The security impact of this bug is small but not quite zero -- it
could weaken ASLR when a privileged task execs a less privileged
program, but only if program changed bitness across the exec, or the
child binary was highly unusual or actively malicious. A child
program that was compromised after the exec would not have access to
the leaked base.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Chang Seok <chang.seok.bae@intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'mm/Kconfig.debug')
0 files changed, 0 insertions, 0 deletions