On Wed, Jun 13, 2012 at 12:54 AM, Philip Guenther <guent...@gmail.com> wrote:
> On Tuesday, June 12, 2012, bj.perso wrote:
>>
>> FreeBSD and NetBSD seem affected, how about OpenBSD ?
>
> Nope. The necessary check(s) for setting bogus return addresses has been in
> place since, uh, 2004. Ditto for always returning from signal handlers
> using iretq instead of sysretq.
To correct and clarify: while the "bogus return address" checks date back to 2004, the return from signal handler path wasn't *forced* to use iretq until OpenBSD 5.0. Previous versions used iretq normally, but manually written code could force it to use sysretq and trigger this issue. (Thank you to Rafal Wojtczuk for the original discussion and for catching my misleading note above.)

So, if you're still running amd64 OpenBSD 4.9 or earlier on Intel hardware, you need to upgrade. (Thanks, Intel, for screwing this up.)

Philip Guenther
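An added illustration (not OpenBSD's code, and not part of this thread) of the two defensive measures the message describes: rejecting a bogus user-supplied return address, and always taking the iretq path when returning from a signal handler. The user address limit is an assumed placeholder, and the function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumption: highest user-space virtual address on this hypothetical amd64 kernel. */
#define USER_VA_LIMIT_HYP 0x00007ffffffff000ULL

enum return_path { RETURN_VIA_IRET, RETURN_VIA_SYSRET };

/* x86-64 canonical form: bits 63..47 must all equal bit 47, so the top 17 bits
 * are either all zero or all one. */
bool is_canonical_va(uint64_t va)
{
    uint64_t top17 = va >> 47;
    return top17 == 0 || top17 == 0x1ffff;
}

/* The "bogus return address" check: a sigcontext RIP supplied by user space must be
 * canonical and below the user limit, otherwise the sigreturn is refused. */
bool sigreturn_rip_ok(uint64_t rip)
{
    return is_canonical_va(rip) && rip < USER_VA_LIMIT_HYP;
}

/* Return-path policy: returns from signal handlers always use iretq, and the
 * fast sysretq path is only ever offered for a canonical user RIP. */
enum return_path choose_return_path(bool from_sigreturn, uint64_t rip)
{
    if (from_sigreturn || !is_canonical_va(rip))
        return RETURN_VIA_IRET;
    return RETURN_VIA_SYSRET;
}
```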