From: Alexander Potapenko
Date: Tue, 21 Apr 2020 10:06:16 +0200
Subject: Re: [PATCH] fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
To: Kees Cook
Cc: Andrew Morton, Alexey Dobriyan, LKML, sunhaoyl@outlook.com
References: <20200419100848.63472-1-glider@google.com> <20200420153352.6682533e794f591dae7aafbc@linux-foundation.org> <202004201540.01C8F82B@keescook>
In-Reply-To: <202004201540.01C8F82B@keescook>
X-Mailing-List: linux-kernel@vger.kernel.org

> Ewww. That's been there for 12 years. Did something change in
> regset_size() or regset->get()? Do you know what leaves the hole?

I don't think anything changed on the kernel side recently.
But I've made some changes to DMA handling recently, which made uninit
writes to the disk discoverable.
We don't use core dumping on syzbot (because the auto-generated
programs crash all the time), so it could be a very old bug that was
triggered in a non-standard setup.