diff options
author | Andy Lutomirski <luto@kernel.org> | 2017-08-01 14:11:34 (GMT) |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-09-20 06:19:57 (GMT) |
commit | c7d1ddec251d39415cd488c29e9d60b22d4b61b7 (patch) | |
tree | b22b5c916c460283c4a0df491d4e28a7be619efd /include | |
parent | cc9618c9fffe6bd362f048928e15effe04e5b6cd (diff) | |
download | linux-c7d1ddec251d39415cd488c29e9d60b22d4b61b7.tar.xz |
x86/fsgsbase/64: Fully initialize FS and GS state in start_thread_common
commit 767d035d838f4fd6b5a5bbd7a3f6d293b7f65a49 upstream.
execve used to leak FSBASE and GSBASE on AMD CPUs. Fix it.
The security impact of this bug is small but not quite zero -- it
could weaken ASLR when a privileged task execs a less privileged
program, but only if program changed bitness across the exec, or the
child binary was highly unusual or actively malicious. A child
program that was compromised after the exec would not have access to
the leaked base.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Chang Seok <chang.seok.bae@intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions