LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Re: [Security] [PATCH] proc: avoid information leaks to non-privileged processes

[Posted May 13, 2009 by jake]

From:  Linus Torvalds <torvalds-AT-linux-foundation.org>
To:  "Eric W. Biederman" <ebiederm-AT-xmission.com>
Subject:  Re: [Security] [PATCH] proc: avoid information leaks to non-privileged processes
Date:  Mon, 4 May 2009 15:24:15 -0700 (PDT)
Message-ID:  <alpine.LFD.2.01.0905041514350.4983@localhost.localdomain>
Cc:  Arjan van de Ven <arjan-AT-infradead.org>, Jake Edge <jake-AT-lwn.net>, security-AT-kernel.org, Linux Kernel Mailing List <linux-kernel-AT-vger.kernel.org>, James Morris <jmorris-AT-namei.org>, linux-security-module-AT-vger.kernel.org, Eric Paris <eparis-AT-redhat.com>, Alan Cox <alan-AT-lxorguk.ukuu.org.uk>, Roland McGrath <roland-AT-redhat.com>, mingo-AT-redhat.com, Andrew Morton <akpm-AT-linux-foundation.org>, Greg KH <greg-AT-kroah.com>, Matt Mackall <mpm-AT-selenic.com>
Archive-link:  Article, Thread 



On Mon, 4 May 2009, Eric W. Biederman wrote:

> Arjan van de Ven <arjan@infradead.org> writes:
> 
> > On Mon, 4 May 2009 12:00:12 -0700 (PDT)
> > Linus Torvalds <torvalds@linux-foundation.org> wrote:
> >
> >> 
> >> 
> >> On Mon, 4 May 2009, Jake Edge wrote:
> >> >
> >> > This is essentially v2 of "[PATCH] proc: avoid leaking eip, esp, or
> >> > wchan to non-privileged processes", adding some of Eric Biederman's
> >> > suggestions as well as the start_stack change (only give out that
> >> > address if the process is ptrace()-able).  This has been tested
> >> > with ps and top without any ill effects being seen.
> >> 
> >> Looks sane to me. Anybody objects?
> >> 
> >
> > Acked-by: Arjan van de Ven <arjan@linux.intel.com>
> 
> Looks sane here.
> 
> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>

Ok, applied.

Also, does anybody have any commentary or opinion on the patch by Matt 
Mackall to use stronger random numbers than "get_random_int()". I wonder 
what the performance impact of that is - "get_random_int()" is very cheap 
by design, and many users may consider calling "get_random_bytes()" to be 
overkill and a potential performance issue.

Quite frankly, the way "get_random_bytes()" works now (it does a _full_ 
sha thing every time), I think it's insane overkill. But I do have to 
admit that our current "get_random_int()" is insane _underkill_.

I'd like to improve the latter without going to quie the extreme that 
matt's patch did.

		Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
(Log in to post comments)

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds