Re: [kernel-hardening] [PATCH v3 2/3] x86/fpu: tighten validation of user-supplied xstate_header

From: Rik van Riel
Date: Thu Sep 21 2017 - 16:21:59 EST


On Thu, 2017-09-21 at 11:52 -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> Move validation of user-supplied xstate_headers into a helper
> function
> and call it from both the ptrace and sigreturn syscall paths.ÂÂThe
> new
> function also considers it to be an error if *any* reserved bits are
> set, whereas before we were just clearing most of them.
>
> This should reduce the chance of bugs that fail to correctly validate
> user-supplied XSAVE areas.ÂÂIt also will expose any broken userspace
> programs that set the other reserved bits; this is desirable because
> such programs will lose compatibility with future CPUs and kernels if
> those bits are ever used for anything.ÂÂ(There shouldn't be any such
> programs, and in fact in the case where the compacted format is in
> use
> we were already validating xfeatures.ÂÂBut you never know...)
>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Acked-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> Cc: Andy Lutomirski <luto@xxxxxxxxxx>
> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> Cc: Fenghua Yu <fenghua.yu@xxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Cc: Kevin Hao <haokexin@xxxxxxxxx>
> Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
> Cc: Wanpeng Li <wanpeng.li@xxxxxxxxxxx>
> Cc: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
>
Reviewed-by: Rik van Riel <riel@xxxxxxxxxx>

--
All rights reversed

Attachment: signature.asc
Description: This is a digitally signed message part