Source-Changes-HG archive


[src/trunk]: src/sys/kern Fix info leak: instead of using SS_INIT as a litera...



details:   https://anonhg.NetBSD.org/src/rev/b736e7c68bef
branches:  trunk
changeset: 452505:b736e7c68bef
user:      maxv <maxv%NetBSD.org@localhost>
date:      Wed Jul 10 17:52:22 2019 +0000

description:
Fix info leak: instead of using SS_INIT as a literal compound, use a global
variable from rodata. The compound gets pushed on the stack, the padding
of the structure was therefore not initialized, and was getting leaked to
userland in sys___sigaltstack14().

diffstat:

 sys/kern/sys_lwp.c |  8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diffs (36 lines):

diff -r ac4a2439e0d5 -r b736e7c68bef sys/kern/sys_lwp.c
--- a/sys/kern/sys_lwp.c        Wed Jul 10 17:32:37 2019 +0000
+++ b/sys/kern/sys_lwp.c        Wed Jul 10 17:52:22 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: sys_lwp.c,v 1.68 2019/07/01 17:15:43 maxv Exp $        */
+/*     $NetBSD: sys_lwp.c,v 1.69 2019/07/10 17:52:22 maxv Exp $        */
 
 /*-
  * Copyright (c) 2001, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_lwp.c,v 1.68 2019/07/01 17:15:43 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_lwp.c,v 1.69 2019/07/10 17:52:22 maxv Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -53,6 +53,8 @@
 
 #define        LWP_UNPARK_MAX          1024
 
+static const stack_t lwp_ss_init = SS_INIT;
+
 static syncobj_t lwp_park_sobj = {
        .sobj_flag      = SOBJ_SLEEPQ_LIFO,
        .sobj_unsleep   = sleepq_unsleep,
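Review bot: the new `lwp_ss_init` definition has no comment saying why a file-scope constant is used instead of the `SS_INIT` compound literal. Without one, a later cleanup could fold it back into `&SS_INIT` at the call site and bring back the stack-resident copy with uninitialized padding that the commit message describes. A short comment above the declaration stating that the template is kept in rodata so no stack padding reaches userland would protect the fix.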
@@ -111,7 +113,7 @@
                return ENOMEM;
 
        error = lwp_create(l, p, uaddr, flags & LWP_DETACHED, NULL, 0,
-           mi_startlwp, arg, &l2, l->l_class, sigmask, &SS_INIT);
+           mi_startlwp, arg, &l2, l->l_class, sigmask, &lwp_ss_init);
        if (__predict_false(error)) {
                uvm_uarea_free(uaddr);
                return error;
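Review bot: at the `lwp_create()` call, the fix relies on the caller handing in a template whose padding is clean; nothing here constrains what other callers pass as the last argument. The diffstat touches only sys/kern/sys_lwp.c, so it is worth checking whether any other caller still passes `&SS_INIT`. It would also help to harden the copy-out path named in the commit message (`sys___sigaltstack14()`), for example by zeroing the outgoing `stack_t` before filling its members, so the leak cannot return through a different caller.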

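The padding leak described in the commit message, as an added example that is not part of the commit or of the NetBSD source. `struct demo_stack` is a hypothetical stand-in for `stack_t`, the 0xAA fill and member values are constructed, and the member-by-member export is a general mitigation shown for contrast, not the fix this commit applies.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical stand-in for stack_t: on LP64 ss_flags is followed by padding. */
struct demo_stack { void *ss_sp; size_t ss_size; int ss_flags; };
#define DEMO_SIZE sizeof(struct demo_stack)
static const struct { size_t off, len; } fld[] = {
	{ offsetof(struct demo_stack, ss_sp),    sizeof(void *) },
	{ offsetof(struct demo_stack, ss_size),  sizeof(size_t) },
	{ offsetof(struct demo_stack, ss_flags), sizeof(int) },
};

/* Copy only member bytes; padding in dst keeps whatever it held. */
static void demo_copy_members(unsigned char *dst, const unsigned char *src) {
	for (size_t i = 0; i < sizeof(fld) / sizeof(fld[0]); i++)
		memcpy(dst + fld[i].off, src + fld[i].off, fld[i].len);
}

/* Model a stack slot: stale bytes (constructed 0xAA), then member stores only. */
static void demo_stack_slot(unsigned char *slot, const struct demo_stack *v) {
	memset(slot, 0xAA, DEMO_SIZE);
	demo_copy_members(slot, (const unsigned char *)v);
}

/* Hardened export: zero the destination, then copy member by member. */
static void demo_export_clean(unsigned char *out, const unsigned char *slot) {
	memset(out, 0, DEMO_SIZE);
	demo_copy_members(out, slot);
}

/* Count non-zero bytes lying outside every member of an exported image. */
static size_t demo_leaked(const unsigned char *img) {
	unsigned char probe[DEMO_SIZE], zero[DEMO_SIZE] = { 0 };
	size_t n = 0;
	memcpy(probe, img, DEMO_SIZE);
	demo_copy_members(probe, zero);	/* blank the members, keep the padding */
	for (size_t i = 0; i < DEMO_SIZE; i++) n += probe[i] != 0;
	return n;
}

int main(void) {
	struct demo_stack v = { NULL, 0, 4 };	/* constructed values */
	unsigned char slot[DEMO_SIZE], raw[DEMO_SIZE], clean[DEMO_SIZE];
	demo_stack_slot(slot, &v);
	memcpy(raw, slot, DEMO_SIZE);	/* leaky export: padding travels along */
	demo_export_clean(clean, slot);
	printf("raw: %zu stale bytes, clean: %zu\n", demo_leaked(raw), demo_leaked(clean));
	return 0;
}
```

On an ABI where the structure has no padding, both counts are zero, which is why this class of leak tends to show up only on some architectures.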

