On Thu, 2017-09-21 at 11:52 -0700, Eric Biggers wrote: > From: Eric Biggers <ebigg...@google.com> > > Move validation of user-supplied xstate_headers into a helper > function > and call it from both the ptrace and sigreturn syscall paths. The > new > function also considers it to be an error if *any* reserved bits are > set, whereas before we were just clearing most of them. > > This should reduce the chance of bugs that fail to correctly validate > user-supplied XSAVE areas. It also will expose any broken userspace > programs that set the other reserved bits; this is desirable because > such programs will lose compatibility with future CPUs and kernels if > those bits are ever used for anything. (There shouldn't be any such > programs, and in fact in the case where the compacted format is in > use > we were already validating xfeatures. But you never know...) > > Reviewed-by: Kees Cook <keesc...@chromium.org> > Acked-by: Dave Hansen <dave.han...@linux.intel.com> > Cc: Andy Lutomirski <l...@kernel.org> > Cc: Dmitry Vyukov <dvyu...@google.com> > Cc: Fenghua Yu <fenghua...@intel.com> > Cc: Ingo Molnar <mi...@kernel.org> > Cc: Kevin Hao <haoke...@gmail.com> > Cc: Oleg Nesterov <o...@redhat.com> > Cc: Wanpeng Li <wanpeng...@hotmail.com> > Cc: Yu-cheng Yu <yu-cheng...@intel.com> > Signed-off-by: Eric Biggers <ebigg...@google.com> > Reviewed-by: Rik van Riel <r...@redhat.com>
-- All rights reversed
signature.asc
Description: This is a digitally signed message part