Re: [PATCH 1/2] alpha: osf_sys.c: fix put_tv32 regression

From: Al Viro
Date: Tue Nov 07 2017 - 10:52:28 EST

Next message: Philippe CORNU: "Re: [PATCH] drm/stm: ltdc: add clut mode support"
Previous message: Petr Mladek: "Re: [PATCH v4] scripts: add leaking_addresses.pl"
In reply to: Ben Hutchings: "Re: [Y2038] [PATCH 2/2] alpha: osf_sys.c: use timespec64 where appropriate"
Next in thread: Arnd Bergmann: "Re: [PATCH 1/2] alpha: osf_sys.c: fix put_tv32 regression"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 07, 2017 at 03:09:24PM +0100, Arnd Bergmann wrote:
> There was a typo in the new version of put_tv32() that caused
> uninitialized stack data to be written back to user space, rather
> than writing the actual timeval for the emulation of
> gettimeofday(), wait4(), usleep_thread() and old_adjtimex().
>
> This fixes it to write the correct data again.

*blink*

the bug is real, all right, and the fix is correct one, but where
do you get an infoleak? What it is is a user-triggerable oops -
just pass it an unmapped address. For anything mapped r/w it's
simply a no-op - userland data is unchanged.

IOW, the fix is correct, but commit message isn't - it's

"user-triggerable oops and in all cases failed to modify userland timeval32"

not

"uninitialized stack data to be written back to user space"
--
To unsubscribe from this list: send the line "unsubscribe linux-alpha" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html

Next message: Philippe CORNU: "Re: [PATCH] drm/stm: ltdc: add clut mode support"
Previous message: Petr Mladek: "Re: [PATCH v4] scripts: add leaking_addresses.pl"
In reply to: Ben Hutchings: "Re: [Y2038] [PATCH 2/2] alpha: osf_sys.c: use timespec64 where appropriate"
Next in thread: Arnd Bergmann: "Re: [PATCH 1/2] alpha: osf_sys.c: fix put_tv32 regression"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]