[{"id":1763076,"web_url":"http://patchwork.ozlabs.org/comment/1763076/","msgid":"<7775c732-0f79-6ab8-67c8-3185523b9331@canonical.com>","list_archive_url":null,"date":"2017-09-05T08:51:29","subject":"ACK: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","submitter":{"id":2900,"url":"http://patchwork.ozlabs.org/api/people/2900/","name":"Colin Ian King","email":"colin.king@canonical.com"},"content":"On 05/09/17 09:43, Kleber Sacilotto de Souza wrote:\n> From: Al Viro <viro@ZenIV.linux.org.uk>\n> \n> CVE-2016-9178\n> \n> get_user_ex(x, ptr) should zero x on failure.  It's not a lot of a leak\n> (at most we are leaking uninitialized 64bit value off the kernel stack,\n> and in a fairly constrained situation, at that), but the fix is trivial,\n> so...\n> \n> Cc: stable@vger.kernel.org\n> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>\n> [ This sat in different branch from the uaccess fixes since mid-August ]\n> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>\n> (cherry picked from commit 1c109fabbd51863475cd12ac206bdd249aee35af)\n> Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>\n> ---\n>  arch/x86/include/asm/uaccess.h | 6 +++++-\n>  1 file changed, 5 insertions(+), 1 deletion(-)\n> \n> diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h\n> index 8ec57c07b125..20e5bacf961c 100644\n> --- a/arch/x86/include/asm/uaccess.h\n> +++ b/arch/x86/include/asm/uaccess.h\n> @@ -383,7 +383,11 @@ do {\t\t\t\t\t\t\t\t\t\\\n>  #define __get_user_asm_ex(x, addr, itype, rtype, ltype)\t\t\t\\\n>  \tasm volatile(\"1:\tmov\"itype\" %1,%\"rtype\"0\\n\"\t\t\\\n>  \t\t     \"2:\\n\"\t\t\t\t\t\t\\\n> -\t\t     _ASM_EXTABLE_EX(1b, 2b)\t\t\t\t\\\n> +\t\t     \".section .fixup,\\\"ax\\\"\\n\"\t\t\t\t\\\n> +                     \"3:xor\"itype\" %\"rtype\"0,%\"rtype\"0\\n\"\t\t\\\n> +\t\t     \"  jmp 2b\\n\"\t\t\t\t\t\\\n> +\t\t     \".previous\\n\"\t\t\t\t\t\\\n> +\t\t     _ASM_EXTABLE_EX(1b, 3b)\t\t\t\t\\\n>  \t\t     : ltype(x) : \"m\" (__m(addr)))\n>  \n>  #define __put_user_nocheck(x, ptr, size)\t\t\t\\\n> \nClean cherry pick, looks good to me.\n\nAcked-by: Colin Ian King <colin.king@canonical.com>","headers":{"Return-Path":"<kernel-team-bounces@lists.ubuntu.com>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=<UNKNOWN>)","Received":["from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xmgS72K2Fz9sNr;\n\tTue,  5 Sep 2017 18:51:35 +1000 (AEST)","from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1dp9a0-0006SX-2o; Tue, 05 Sep 2017 08:51:32 +0000","from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from <colin.king@canonical.com>)\n\tid 1dp9Zy-0006SG-HV\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 08:51:30 +0000","from 1.general.cking.uk.vpn ([10.172.193.212])\n\tby youngberry.canonical.com with esmtpsa\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from <colin.king@canonical.com>)\n\tid 1dp9Zy-0001lC-93; Tue, 05 Sep 2017 08:51:30 +0000"],"Subject":"ACK: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","To":"Kleber Sacilotto de Souza <kleber.souza@canonical.com>,\n\tkernel-team@lists.ubuntu.com","References":"<20170905084327.25062-1-kleber.souza@canonical.com>\n\t<20170905084327.25062-2-kleber.souza@canonical.com>","From":"Colin Ian King <colin.king@canonical.com>","Message-ID":"<7775c732-0f79-6ab8-67c8-3185523b9331@canonical.com>","Date":"Tue, 5 Sep 2017 09:51:29 +0100","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101\n\tThunderbird/45.8.0","MIME-Version":"1.0","In-Reply-To":"<20170905084327.25062-2-kleber.souza@canonical.com>","X-BeenThere":"kernel-team@lists.ubuntu.com","X-Mailman-Version":"2.1.20","Precedence":"list","List-Id":"Kernel team discussions <kernel-team.lists.ubuntu.com>","List-Unsubscribe":"<https://lists.ubuntu.com/mailman/options/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>","List-Archive":"<https://lists.ubuntu.com/archives/kernel-team>","List-Post":"<mailto:kernel-team@lists.ubuntu.com>","List-Help":"<mailto:kernel-team-request@lists.ubuntu.com?subject=help>","List-Subscribe":"<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"base64","Errors-To":"kernel-team-bounces@lists.ubuntu.com","Sender":"\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"}},{"id":1763340,"web_url":"http://patchwork.ozlabs.org/comment/1763340/","msgid":"<f7c138ac-73c7-e2e9-937f-5cce4699c2d4@canonical.com>","list_archive_url":null,"date":"2017-09-05T13:03:23","subject":"ACK: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","submitter":{"id":2898,"url":"http://patchwork.ozlabs.org/api/people/2898/","name":"Stefan Bader","email":"stefan.bader@canonical.com"},"content":"On 05.09.2017 10:43, Kleber Sacilotto de Souza wrote:\n> From: Al Viro <viro@ZenIV.linux.org.uk>\n> \n> CVE-2016-9178\n> \n> get_user_ex(x, ptr) should zero x on failure.  It's not a lot of a leak\n> (at most we are leaking uninitialized 64bit value off the kernel stack,\n> and in a fairly constrained situation, at that), but the fix is trivial,\n> so...\n> \n> Cc: stable@vger.kernel.org\n> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>\n> [ This sat in different branch from the uaccess fixes since mid-August ]\n> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>\n> (cherry picked from commit 1c109fabbd51863475cd12ac206bdd249aee35af)\n> Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>\nAcked-by: Stefan Bader <stefan.bader@canonical.com>\n\n> ---\n>  arch/x86/include/asm/uaccess.h | 6 +++++-\n>  1 file changed, 5 insertions(+), 1 deletion(-)\n> \n> diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h\n> index 8ec57c07b125..20e5bacf961c 100644\n> --- a/arch/x86/include/asm/uaccess.h\n> +++ b/arch/x86/include/asm/uaccess.h\n> @@ -383,7 +383,11 @@ do {\t\t\t\t\t\t\t\t\t\\\n>  #define __get_user_asm_ex(x, addr, itype, rtype, ltype)\t\t\t\\\n>  \tasm volatile(\"1:\tmov\"itype\" %1,%\"rtype\"0\\n\"\t\t\\\n>  \t\t     \"2:\\n\"\t\t\t\t\t\t\\\n> -\t\t     _ASM_EXTABLE_EX(1b, 2b)\t\t\t\t\\\n> +\t\t     \".section .fixup,\\\"ax\\\"\\n\"\t\t\t\t\\\n> +                     \"3:xor\"itype\" %\"rtype\"0,%\"rtype\"0\\n\"\t\t\\\n> +\t\t     \"  jmp 2b\\n\"\t\t\t\t\t\\\n> +\t\t     \".previous\\n\"\t\t\t\t\t\\\n> +\t\t     _ASM_EXTABLE_EX(1b, 3b)\t\t\t\t\\\n>  \t\t     : ltype(x) : \"m\" (__m(addr)))\n>  \n>  #define __put_user_nocheck(x, ptr, size)\t\t\t\\\n>","headers":{"Return-Path":"<kernel-team-bounces@lists.ubuntu.com>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=<UNKNOWN>)","Received":["from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xmn2m6rKSz9t1t;\n\tTue,  5 Sep 2017 23:03:28 +1000 (AEST)","from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1dpDVm-0007w9-3D; Tue, 05 Sep 2017 13:03:26 +0000","from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from <stefan.bader@canonical.com>)\n\tid 1dpDVk-0007vX-4G\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 13:03:24 +0000","from 1.general.smb.uk.vpn ([10.172.193.28])\n\tby youngberry.canonical.com with esmtpsa\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from <stefan.bader@canonical.com>)\n\tid 1dpDVj-00080E-ST\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 13:03:23 +0000"],"Subject":"ACK: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","To":"kernel-team@lists.ubuntu.com","References":"<20170905084327.25062-1-kleber.souza@canonical.com>\n\t<20170905084327.25062-2-kleber.souza@canonical.com>","From":"Stefan Bader <stefan.bader@canonical.com>","Message-ID":"<f7c138ac-73c7-e2e9-937f-5cce4699c2d4@canonical.com>","Date":"Tue, 5 Sep 2017 15:03:23 +0200","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101\n\tThunderbird/52.2.1","MIME-Version":"1.0","In-Reply-To":"<20170905084327.25062-2-kleber.souza@canonical.com>","X-BeenThere":"kernel-team@lists.ubuntu.com","X-Mailman-Version":"2.1.20","Precedence":"list","List-Id":"Kernel team discussions <kernel-team.lists.ubuntu.com>","List-Unsubscribe":"<https://lists.ubuntu.com/mailman/options/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>","List-Archive":"<https://lists.ubuntu.com/archives/kernel-team>","List-Post":"<mailto:kernel-team@lists.ubuntu.com>","List-Help":"<mailto:kernel-team-request@lists.ubuntu.com?subject=help>","List-Subscribe":"<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>","Content-Type":"multipart/mixed;\n\tboundary=\"===============4116822282687277718==\"","Errors-To":"kernel-team-bounces@lists.ubuntu.com","Sender":"\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"}},{"id":1763397,"web_url":"http://patchwork.ozlabs.org/comment/1763397/","msgid":"<d748d765-c499-a5c8-15dc-2552e35c6d6b@canonical.com>","list_archive_url":null,"date":"2017-09-05T14:23:55","subject":"APPLIED: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","submitter":{"id":71419,"url":"http://patchwork.ozlabs.org/api/people/71419/","name":"Kleber Sacilotto de Souza","email":"kleber.souza@canonical.com"},"content":"Applied to trusty/master-next branch. Thanks.","headers":{"Return-Path":"<kernel-team-bounces@lists.ubuntu.com>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=<UNKNOWN>)","Received":["from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xmpql5kxnz9t16;\n\tWed,  6 Sep 2017 00:24:03 +1000 (AEST)","from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1dpElk-0000AZ-FG; Tue, 05 Sep 2017 14:24:00 +0000","from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from <kleber.souza@canonical.com>)\n\tid 1dpEli-0000AN-P0\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 14:23:58 +0000","from mail-wr0-f198.google.com ([209.85.128.198])\n\tby youngberry.canonical.com with esmtps\n\t(TLS1.0:RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from <kleber.souza@canonical.com>)\n\tid 1dpEli-0003YB-Hl\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 14:23:58 +0000","by mail-wr0-f198.google.com with SMTP id 40so4991996wrv.4\n\tfor <kernel-team@lists.ubuntu.com>;\n\tTue, 05 Sep 2017 07:23:58 -0700 (PDT)","from [192.168.0.8] (ip5f5bd015.dynamic.kabel-deutschland.de.\n\t[95.91.208.21])\n\tby smtp.gmail.com with ESMTPSA id n2sm568756edd.8.2017.09.05.07.23.56\n\tfor <kernel-team@lists.ubuntu.com>\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tTue, 05 Sep 2017 07:23:56 -0700 (PDT)"],"X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:subject:from:to:references:message-id:date\n\t:user-agent:mime-version:in-reply-to:content-language\n\t:content-transfer-encoding;\n\tbh=+gEGoJyqD03JW2xAT1GWEuKon3IBpN8wxoVyrjnm60k=;\n\tb=ubovrgaEGK+GanHwvNeysbqISGsoTwielIJUPGUGFo6oYPp9AEXbYp9f2UzPXQm+4i\n\taqoU4XfS+3Mvu1EVb/VTvtvOKeVUTMFfxqOcMpT+64gsZEF1EYuNGWAKyBZNzHg4K8XZ\n\t/lg9eihnJB63nYnhDHmihSeVCx8vWw+yDSGojDq5BHIFgmxLv11AeY55PdBSDKJzrWpv\n\tCo/6LEwZjM5egmYo7C9qSOBdPXNBPlPc4cwl+osY3t2JlRHjka5/fgpCxh6RUD1q5dxv\n\thsOIbab/m8Yijw7SBfjpYnAAK93Lpt/2pE4GJ1piVsEt0QrLwe55yaiRMrr2g21isPGQ\n\tfvug==","X-Gm-Message-State":"AHPjjUj9pj3M3vwjpmDnRlCYdL3ZfJQDI1IzI5QnZ+nyf0LUm0X9Q/uY\n\ttjtmPRZJ1N7VChsYEaFEyXAxj0qmBLBYoh7MAM6zv3/KCudOCvV0jUyumoAbdhTYjV31gpSZl+2\n\tsgvXmqjYp5DDRyYGbOVmLzjrGvPe4wdLp","X-Received":["by 10.80.135.68 with SMTP id 4mr1136575edv.266.1504621437782;\n\tTue, 05 Sep 2017 07:23:57 -0700 (PDT)","by 10.80.135.68 with SMTP id 4mr1136572edv.266.1504621437637;\n\tTue, 05 Sep 2017 07:23:57 -0700 (PDT)"],"X-Google-Smtp-Source":"ADKCNb5PdDMRxTHXk2/c1GsVpikIde3Z0APXm72flT1Qiz2sgFKl5dWcFp7AECJ0nEg+aFzMHBQXkw==","Subject":"APPLIED: [Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","From":"Kleber Souza <kleber.souza@canonical.com>","To":"kernel-team@lists.ubuntu.com","References":"<20170905084327.25062-1-kleber.souza@canonical.com>\n\t<20170905084327.25062-2-kleber.souza@canonical.com>","Message-ID":"<d748d765-c499-a5c8-15dc-2552e35c6d6b@canonical.com>","Date":"Tue, 5 Sep 2017 16:23:55 +0200","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101\n\tThunderbird/52.2.1","MIME-Version":"1.0","In-Reply-To":"<20170905084327.25062-2-kleber.souza@canonical.com>","Content-Language":"en-US","X-BeenThere":"kernel-team@lists.ubuntu.com","X-Mailman-Version":"2.1.20","Precedence":"list","List-Id":"Kernel team discussions <kernel-team.lists.ubuntu.com>","List-Unsubscribe":"<https://lists.ubuntu.com/mailman/options/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>","List-Archive":"<https://lists.ubuntu.com/archives/kernel-team>","List-Post":"<mailto:kernel-team@lists.ubuntu.com>","List-Help":"<mailto:kernel-team-request@lists.ubuntu.com?subject=help>","List-Subscribe":"<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"base64","Errors-To":"kernel-team-bounces@lists.ubuntu.com","Sender":"\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"}}]