On Wed, May 24, 2017 at 5:21 AM, Mateusz Jurczyk <[email protected]> wrote:
> Prevent use of uninitialized memory (originating from the stack frame of
> do_sysctl()) by verifying that the name array is filled with sufficient
> input data before comparing its specific entries with integer constants.
>
> Through timing measurement or analyzing the kernel debug logs, a user-mode
> program could potentially infer the results of comparisons against the
> uninitialized memory, and acquire some (very limited) information about the
> state of the kernel stack. The change also eliminates possible future
> warnings by tools such as KMSAN and other code checkers /
> instrumentations.
>
> Signed-off-by: Mateusz Jurczyk <[email protected]>
Acked-by: Kees Cook <[email protected]>

-Kees

> --- > kernel/sysctl_binary.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/sysctl_binary.c b/kernel/sysctl_binary.c > index ece4b177052b..38d6ba22a209 100644 > --- a/kernel/sysctl_binary.c > +++ b/kernel/sysctl_binary.c > @@ -1346,7 +1346,7 @@ static void deprecated_sysctl_warning(const int *name, > int nlen) > * CTL_KERN/KERN_VERSION is used by older glibc and cannot > * ever go away. > */ > - if (name[0] == CTL_KERN && name[1] == KERN_VERSION) > + if (nlen >= 2 && name[0] == CTL_KERN && name[1] == KERN_VERSION) > return; > > if (printk_ratelimit()) { > -- > 2.13.0.219.gdb65acc882-goog

-- 
Kees Cook
Pixel Security
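Review bot: the guard sits in the right place (nlen >= 2 is evaluated ahead of the name[] reads, so short-circuit evaluation never touches name[1] unless the caller filled it), but the comment above the condition only explains why KERN_VERSION must keep working, not why nlen can be below 2; a one-line note that name[] may carry fewer than two valid entries, as the commit message explains, would keep a later cleanup from dropping the check as redundant. Worth also confirming that the printk_ratelimit() path that follows does not index name[] without the same bound.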

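The following is an added illustration of the defect class the commit message describes, not code from the patch or from the kernel. It models a caller that copies only nlen entries into a stack array and leaves the rest holding stale data, then shows that the unguarded comparison's branch depends on that stale data while the guarded form from the patch does not. The CTL_KERN and KERN_VERSION values, the NAME_SLOTS size and the "stale" fill value are assumptions chosen to make the program deterministic; the real constants live in the kernel's UAPI headers.

```c
#include <stdio.h>

/*
 * Constructed stand-ins for the kernel constants (values assumed, not the
 * real ones) and a small name array like the one the caller keeps on its
 * stack.
 */
#define CTL_KERN      1
#define KERN_VERSION  4
#define NAME_SLOTS   10

/* The comparison as it was before the patch: reads name[1] regardless of
 * how many entries the caller actually filled in. */
static int is_kern_version_unguarded(const int *name, int nlen)
{
	(void)nlen;
	return name[0] == CTL_KERN && name[1] == KERN_VERSION;
}

/* The comparison in the shape the patch gives it: the nlen test comes first,
 * so short-circuit evaluation never touches name[1] unless it was filled. */
static int is_kern_version_guarded(const int *name, int nlen)
{
	return nlen >= 2 && name[0] == CTL_KERN && name[1] == KERN_VERSION;
}

/* Model of a caller that copies only nlen entries from the request and
 * leaves the remaining slots holding whatever was already there. 'stale'
 * stands in for leftover stack contents; it is a constructed value so the
 * program is deterministic (real leftovers are unknown to user space). */
static void fill_name(int *name, const int *request, int nlen, int stale)
{
	for (int i = 0; i < NAME_SLOTS; i++)
		name[i] = stale;
	for (int i = 0; i < nlen; i++)
		name[i] = request[i];
}

/* Returns 1 when the check's outcome changes with the stale contents, i.e.
 * when the branch taken depends on memory the request never supplied. */
static int leaks_stale(int (*check)(const int *, int))
{
	int request[1] = { CTL_KERN };   /* one valid entry: nlen == 1 */
	int name[NAME_SLOTS];
	int with_match, without_match;

	fill_name(name, request, 1, KERN_VERSION);
	with_match = check(name, 1);
	fill_name(name, request, 1, 0);
	without_match = check(name, 1);
	return with_match != without_match;
}

int unguarded_leaks(void) { return leaks_stale(is_kern_version_unguarded); }
int guarded_leaks(void)   { return leaks_stale(is_kern_version_guarded); }

/* Sanity check: a fully supplied {CTL_KERN, KERN_VERSION} still matches. */
int guarded_matches_full_name(void)
{
	int request[2] = { CTL_KERN, KERN_VERSION };
	int name[NAME_SLOTS];

	fill_name(name, request, 2, 0);
	return is_kern_version_guarded(name, 2);
}

int main(void)
{
	printf("unguarded depends on stale data: %d\n", unguarded_leaks());
	printf("guarded depends on stale data:   %d\n", guarded_leaks());
	printf("guarded matches full name:       %d\n", guarded_matches_full_name());
	return 0;
}
```

The two fills with different "stale" values stand in for two runs with different leftover stack contents; a check whose result differs between them is one whose observable behaviour (timing, a rate-limited log line) carries information about that memory, which is the signal the commit message says a user-mode program could infer.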
