Withdraw: [PATCH] x86-64: fix another kernel data leak to 32-bit processes
From: Jan Beulich
Date: Tue Oct 20 2009 - 02:12:38 EST
>Unfortunately I didn't realize that the other instances of branches to
>int_ret_from_sys_call also need fixing when preparing the previous
>similar patch. The issue fixed here was in fact introduced by an
>earlier patch of mine (295286a89107c353b9677bc604361c537fd6a1c0, i.e.
>in 2.6.28, but through stable now also present in 2.6.27), making
>kernel stack contents potentially visible through R8...R11 when an
>this or earlier syscall got interrupted prior to the handler being able
>to decrement the stack pointer (such that the space normally used by
>those registers within pt_regs would get overwritten by the interrupt
>handler stub).
That analysis wasn't right after all - there's a CLEAR_RREGS in each of
the modified paths already, so the change is unnecessary (and adding
redundant code). Please don't apply it.
>While touching the code, I also swapped the branch pairs so that the
>static branch prediction logic would consider the syscall-number-in-
>range case the taken path.
If this would seem a worthwhile change, I can re-send it as a separate,
lower priority patch...
Jan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/