{"id":810000,"url":"http://patchwork.ozlabs.org/api/patches/810000/?format=json","web_url":"http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20170905084327.25062-2-kleber.souza@canonical.com/","project":{"id":15,"url":"http://patchwork.ozlabs.org/api/projects/15/?format=json","name":"Ubuntu Kernel","link_name":"ubuntu-kernel","list_id":"kernel-team.lists.ubuntu.com","list_email":"kernel-team@lists.ubuntu.com","web_url":null,"scm_url":null,"webscm_url":null,"list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20170905084327.25062-2-kleber.souza@canonical.com>","list_archive_url":null,"date":"2017-09-05T08:43:27","name":"[Trusty,SRU,1/1] fix minor infoleak in get_user_ex()","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"c562dc7f8322f08c2852d87c34d66ade8d270bb9","submitter":{"id":71419,"url":"http://patchwork.ozlabs.org/api/people/71419/?format=json","name":"Kleber Sacilotto de Souza","email":"kleber.souza@canonical.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20170905084327.25062-2-kleber.souza@canonical.com/mbox/","series":[{"id":1514,"url":"http://patchwork.ozlabs.org/api/series/1514/?format=json","web_url":"http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=1514","date":"2017-09-05T08:43:26","name":"Fix for CVE-2016-9178","version":1,"mbox":"http://patchwork.ozlabs.org/series/1514/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/810000/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/810000/checks/","tags":{},"related":[],"headers":{"Return-Path":"<kernel-team-bounces@lists.ubuntu.com>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=<UNKNOWN>)","Received":["from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xmgGy1w1hz9sNq;\n\tTue,  5 Sep 2017 18:43:38 +1000 (AEST)","from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1dp9SI-0005j4-Rh; Tue, 05 Sep 2017 08:43:34 +0000","from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from <kleber.souza@canonical.com>)\n\tid 1dp9SH-0005iR-2n\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 08:43:33 +0000","from mail-wm0-f71.google.com ([74.125.82.71])\n\tby youngberry.canonical.com with esmtps\n\t(TLS1.0:RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from <kleber.souza@canonical.com>)\n\tid 1dp9SG-0001Gs-Rq\n\tfor kernel-team@lists.ubuntu.com; Tue, 05 Sep 2017 08:43:32 +0000","by mail-wm0-f71.google.com with SMTP id l19so3240428wmi.1\n\tfor <kernel-team@lists.ubuntu.com>;\n\tTue, 05 Sep 2017 01:43:32 -0700 (PDT)","from localhost (ip5f5bd015.dynamic.kabel-deutschland.de.\n\t[95.91.208.21]) by smtp.gmail.com with ESMTPSA id\n\tr14sm21620edd.56.2017.09.05.01.43.30\n\tfor <kernel-team@lists.ubuntu.com>\n\t(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);\n\tTue, 05 Sep 2017 01:43:31 -0700 (PDT)"],"X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:subject:date:message-id:in-reply-to\n\t:references;\n\tbh=VYjE4JRpjPV+wZ6uNFInaNIVs6NnDQn7TPwakF3i3oM=;\n\tb=Sm5aZUSvqD7JprvFZw3moGDYTPGP7YoEmXNCJQJwVx9usn837EIeV5NFhefHmI4qbi\n\trcFwUE8xJNqfcdS14Eu3vM6lHiMaBO3wztTLDGdzo0ouUU1HGOqBd5mLduA7zCOl0d50\n\twk8II3wgbIA7PVyGASFU83lxsbPtkj3h1250+PqCotXbAk6TEjfZfyDfAzc54JYeuLMB\n\tVii9yPNy/ykUvJoPZOQjvWQi3ZJp1F2Gj07QFfJCK7sQr7B5BJ67V3j+sB4ZO3pfisd3\n\t+x1dNQ8PYNfxidvxkDM0xfoV640q1I+FUiLSv309ru/UrUSLSESdI59Nws6eBj2KlDQA\n\t/49g==","X-Gm-Message-State":"AHPjjUgAOSG4GIPjv/xMlyCxkanY/rQcHYaTYPOfOI1eUZChhXcemTYG\n\tFwOI3CqoK8757TCwidNNVSOL8nI4qSWhwlYxlbSE3eHRvkxdeR/9v6A4Q1jguBl+YYMky0G9qlR\n\tU+CjncSFsaS/UOrCrp/WoLjJW36defWVy","X-Received":["by 10.80.148.239 with SMTP id t44mr2682494eda.108.1504601012300; \n\tTue, 05 Sep 2017 01:43:32 -0700 (PDT)","by 10.80.148.239 with SMTP id t44mr2682488eda.108.1504601012090; \n\tTue, 05 Sep 2017 01:43:32 -0700 (PDT)"],"X-Google-Smtp-Source":"ADKCNb7B4W4n7tml3UzF0R7KmiPv12GuYrPB6f77zxpiEELGVtFnNBEyLMVbZZPdsTtrewBT38T9Yg==","From":"Kleber Sacilotto de Souza <kleber.souza@canonical.com>","To":"kernel-team@lists.ubuntu.com","Subject":"[Trusty SRU][PATCH 1/1] fix minor infoleak in get_user_ex()","Date":"Tue,  5 Sep 2017 10:43:27 +0200","Message-Id":"<20170905084327.25062-2-kleber.souza@canonical.com>","X-Mailer":"git-send-email 2.14.1","In-Reply-To":"<20170905084327.25062-1-kleber.souza@canonical.com>","References":"<20170905084327.25062-1-kleber.souza@canonical.com>","X-BeenThere":"kernel-team@lists.ubuntu.com","X-Mailman-Version":"2.1.20","Precedence":"list","List-Id":"Kernel team discussions <kernel-team.lists.ubuntu.com>","List-Unsubscribe":"<https://lists.ubuntu.com/mailman/options/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>","List-Archive":"<https://lists.ubuntu.com/archives/kernel-team>","List-Post":"<mailto:kernel-team@lists.ubuntu.com>","List-Help":"<mailto:kernel-team-request@lists.ubuntu.com?subject=help>","List-Subscribe":"<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n\t<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"base64","Errors-To":"kernel-team-bounces@lists.ubuntu.com","Sender":"\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"},"content":"From: Al Viro <viro@ZenIV.linux.org.uk>\n\nCVE-2016-9178\n\nget_user_ex(x, ptr) should zero x on failure.  It's not a lot of a leak\n(at most we are leaking uninitialized 64bit value off the kernel stack,\nand in a fairly constrained situation, at that), but the fix is trivial,\nso...\n\nCc: stable@vger.kernel.org\nSigned-off-by: Al Viro <viro@zeniv.linux.org.uk>\n[ This sat in different branch from the uaccess fixes since mid-August ]\nSigned-off-by: Linus Torvalds <torvalds@linux-foundation.org>\n(cherry picked from commit 1c109fabbd51863475cd12ac206bdd249aee35af)\nSigned-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>\n---\n arch/x86/include/asm/uaccess.h | 6 +++++-\n 1 file changed, 5 insertions(+), 1 deletion(-)","diff":"diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h\nindex 8ec57c07b125..20e5bacf961c 100644\n--- a/arch/x86/include/asm/uaccess.h\n+++ b/arch/x86/include/asm/uaccess.h\n@@ -383,7 +383,11 @@ do {\t\t\t\t\t\t\t\t\t\\\n #define __get_user_asm_ex(x, addr, itype, rtype, ltype)\t\t\t\\\n \tasm volatile(\"1:\tmov\"itype\" %1,%\"rtype\"0\\n\"\t\t\\\n \t\t     \"2:\\n\"\t\t\t\t\t\t\\\n-\t\t     _ASM_EXTABLE_EX(1b, 2b)\t\t\t\t\\\n+\t\t     \".section .fixup,\\\"ax\\\"\\n\"\t\t\t\t\\\n+                     \"3:xor\"itype\" %\"rtype\"0,%\"rtype\"0\\n\"\t\t\\\n+\t\t     \"  jmp 2b\\n\"\t\t\t\t\t\\\n+\t\t     \".previous\\n\"\t\t\t\t\t\\\n+\t\t     _ASM_EXTABLE_EX(1b, 3b)\t\t\t\t\\\n \t\t     : ltype(x) : \"m\" (__m(addr)))\n \n #define __put_user_nocheck(x, ptr, size)\t\t\t\\\n","prefixes":["Trusty","SRU","1/1"]}