MIME-Version: 1.0
In-Reply-To: <d6b05a2bd81c9833c5119b3e950862755ab28935.1478525307.git.jslaby@suse.cz>
References: <cover.1478523828.git.jslaby@suse.cz> <7c0dfa3b2ea712bd2cc6343445f263815b81918f.1478525307.git.jslaby@suse.cz>
 <d6b05a2bd81c9833c5119b3e950862755ab28935.1478525307.git.jslaby@suse.cz>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 7 Nov 2016 08:45:59 -0800
Message-ID: <CA+55aFwXuut8k29cYqnCGjgk9Ymq--Zjfziz+sM__FVLoTJu+A@mail.gmail.com>
Subject: Re: [PATCH 3.12 69/72] Revert "fix minor infoleak in get_user_ex()"
To: Jiri Slaby <jslaby@suse.cz>, Greg KH <greg@kroah.com>
Cc: stable <stable@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Al Viro <viro@zeniv.linux.org.uk>
Content-Type: multipart/mixed; boundary=001a113e39f63abb190540b8c21c
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 2813
Lines: 50

--001a113e39f63abb190540b8c21c
Content-Type: text/plain; charset=UTF-8

So a patch something like this might be a safe way to fix the
potential infoleak in older kernels.

THIS IS UNTESTED. It's a very obvious patch, though, so if it compiles
it probably works. It just initializes the output variable with 0 in
the inline asm description, instead of doing it in the exception
handler.

It will generate slightly worse code (a few unnecessary ALU
operations), but it doesn't have any interactions with the exception
handler implementation.

                  Linus

--001a113e39f63abb190540b8c21c
Content-Type: text/plain; charset=US-ASCII; name="patch.diff"
Content-Disposition: attachment; filename="patch.diff"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_iv8aueam0

IGFyY2gveDg2L2luY2x1ZGUvYXNtL3VhY2Nlc3MuaCB8IDEwICsrKysrLS0tLS0KIDEgZmlsZSBj
aGFuZ2VkLCA1IGluc2VydGlvbnMoKyksIDUgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEvYXJj
aC94ODYvaW5jbHVkZS9hc20vdWFjY2Vzcy5oIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vdWFjY2Vz
cy5oCmluZGV4IDU4MzhmYTkxMWFhMC4uYzJlMDZlZThiMjkwIDEwMDY0NAotLS0gYS9hcmNoL3g4
Ni9pbmNsdWRlL2FzbS91YWNjZXNzLmgKKysrIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vdWFjY2Vz
cy5oCkBAIC0zMjEsNyArMzIxLDcgQEAgZG8gewkJCQkJCQkJCVwKICNkZWZpbmUgX19nZXRfdXNl
cl9hc21fdTY0KHgsIHB0ciwgcmV0dmFsLCBlcnJyZXQpIFwKIAkgX19nZXRfdXNlcl9hc20oeCwg
cHRyLCByZXR2YWwsICJxIiwgIiIsICI9ciIsIGVycnJldCkKICNkZWZpbmUgX19nZXRfdXNlcl9h
c21fZXhfdTY0KHgsIHB0cikgXAotCSBfX2dldF91c2VyX2FzbV9leCh4LCBwdHIsICJxIiwgIiIs
ICI9ciIpCisJIF9fZ2V0X3VzZXJfYXNtX2V4KHgsIHB0ciwgInEiLCAiIiwgIj0mciIpCiAjZW5k
aWYKIAogI2RlZmluZSBfX2dldF91c2VyX3NpemUoeCwgcHRyLCBzaXplLCByZXR2YWwsIGVycnJl
dCkJCQlcCkBAIC0zNjQsMTMgKzM2NCwxMyBAQCBkbyB7CQkJCQkJCQkJXAogCV9fY2hrX3VzZXJf
cHRyKHB0cik7CQkJCQkJXAogCXN3aXRjaCAoc2l6ZSkgewkJCQkJCQlcCiAJY2FzZSAxOgkJCQkJ
CQkJXAotCQlfX2dldF91c2VyX2FzbV9leCh4LCBwdHIsICJiIiwgImIiLCAiPXEiKTsJCVwKKwkJ
X19nZXRfdXNlcl9hc21fZXgoeCwgcHRyLCAiYiIsICJiIiwgIj0mcSIpOwkJXAogCQlicmVhazsJ
CQkJCQkJXAogCWNhc2UgMjoJCQkJCQkJCVwKLQkJX19nZXRfdXNlcl9hc21fZXgoeCwgcHRyLCAi
dyIsICJ3IiwgIj1yIik7CQlcCisJCV9fZ2V0X3VzZXJfYXNtX2V4KHgsIHB0ciwgInciLCAidyIs
ICI9JnIiKTsJCVwKIAkJYnJlYWs7CQkJCQkJCVwKIAljYXNlIDQ6CQkJCQkJCQlcCi0JCV9fZ2V0
X3VzZXJfYXNtX2V4KHgsIHB0ciwgImwiLCAiayIsICI9ciIpOwkJXAorCQlfX2dldF91c2VyX2Fz
bV9leCh4LCBwdHIsICJsIiwgImsiLCAiPSZyIik7CQlcCiAJCWJyZWFrOwkJCQkJCQlcCiAJY2Fz
ZSA4OgkJCQkJCQkJXAogCQlfX2dldF91c2VyX2FzbV9leF91NjQoeCwgcHRyKTsJCQkJXApAQCAt
Mzg0LDcgKzM4NCw3IEBAIGRvIHsJCQkJCQkJCQlcCiAJYXNtIHZvbGF0aWxlKCIxOgltb3YiaXR5
cGUiICUxLCUicnR5cGUiMFxuIgkJXAogCQkgICAgICIyOlxuIgkJCQkJCVwKIAkJICAgICBfQVNN
X0VYVEFCTEVfRVgoMWIsIDJiKQkJCQlcCi0JCSAgICAgOiBsdHlwZSh4KSA6ICJtIiAoX19tKGFk
ZHIpKSkKKwkJICAgICA6IGx0eXBlKHgpIDogIm0iIChfX20oYWRkcikpLCAiMCIgKDApKQogCiAj
ZGVmaW5lIF9fcHV0X3VzZXJfbm9jaGVjayh4LCBwdHIsIHNpemUpCQkJXAogKHsJCQkJCQkJCVwK
--001a113e39f63abb190540b8c21c--