On Wed, Oct 16, 2019 at 7:21 AM Andrew Turner <and...@freebsd.org> wrote:
> Author: andrew
> Date: Wed Oct 16 13:21:01 2019
> New Revision: 353640
> URL: https://svnweb.freebsd.org/changeset/base/353640
>
> Log:
> Stop leaking information from the kernel through timespec
>
> The timespec struct holds a seconds value in a time_t and a nanoseconds
> value in a long. On most architectures these are the same size, however
> on 32-bit architectures other than i386 time_t is 8 bytes and long is
> 4 bytes.
>
> Most ABIs will then pad a struct holding an 8 byte and 4 byte value to
> 16 bytes with 4 bytes of padding. When copying one of these structs the
> compiler is free to copy the padding if it wishes.
>
> In this case the padding may contain kernel data that is then leaked to
> userspace. Fix this by copying the timespec elements rather than the
> entire struct.
>
> This doesn't affect Tier-1 architectures so no SA is expected.
>
> admbugs: 651
> MFC after: 1 week
> Sponsored by: DARPA, AFRL
>

Good catch. Might I ask how you found it, or who reported it?

_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
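
The padding leak described in the quoted commit log, as an added example that is not part of the original message or of the FreeBSD change. `struct ts_model`, the 0xAA fill, the sample values and the zeroed destination are assumptions made here so the 8-byte/4-byte layout can be reproduced on any host.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of timespec on a 32-bit non-i386 ABI (8-byte time_t,
 * 4-byte long, padded to 16 bytes); not the FreeBSD definition. */
struct ts_model {
    _Alignas(8) int64_t tv_sec;
    int32_t tv_nsec;
};
#define PAD_OFF (offsetof(struct ts_model, tv_nsec) + sizeof(int32_t))
#define PAD_LEN (sizeof(struct ts_model) - PAD_OFF)

/* Copy a timespec-like struct that sits on stale memory (0xAA stands in for
 * kernel data) and count the stale padding bytes that reach the output. */
size_t stale_pad_bytes(int member_wise)
{
    unsigned char raw[sizeof(struct ts_model)], out[sizeof(struct ts_model)];
    struct ts_model src, dst;
    int64_t sec = 1571232061;           /* constructed sample values */
    int32_t nsec = 500;
    size_t n = 0;

    memset(raw, 0xAA, sizeof(raw));
    memcpy(raw + offsetof(struct ts_model, tv_sec), &sec, sizeof(sec));
    memcpy(raw + offsetof(struct ts_model, tv_nsec), &nsec, sizeof(nsec));
    memcpy(&src, raw, sizeof(src));     /* src now has stale padding */

    if (member_wise) {
        memset(&dst, 0, sizeof(dst));   /* zeroed destination: assumption */
        dst.tv_sec = src.tv_sec;        /* copy the elements only */
        dst.tv_nsec = src.tv_nsec;
    } else {
        /* memcpy models a compiler that copies the padding too */
        memcpy(&dst, &src, sizeof(dst));
    }
    memcpy(out, &dst, sizeof(out));     /* stands in for the copy to userspace */
    for (size_t i = PAD_OFF; i < sizeof(out); i++)
        n += (out[i] == 0xAA);
    return n;
}

int main(void)
{
    printf("padding: %zu bytes, whole-struct copy leaks %zu, member copy leaks %zu\n",
           (size_t)PAD_LEN, stale_pad_bytes(0), stale_pad_bytes(1));
    return 0;
}
```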