Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755002Ab2BVSVd (ORCPT ); Wed, 22 Feb 2012 13:21:33 -0500 Received: from terminus.zytor.com ([198.137.202.10]:51809 "EHLO mail.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751042Ab2BVSV3 (ORCPT ); Wed, 22 Feb 2012 13:21:29 -0500 Message-ID: <4F453208.7040902@zytor.com> Date: Wed, 22 Feb 2012 10:20:56 -0800 From: "H. Peter Anvin" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 MIME-Version: 1.0 To: Linus Torvalds CC: Ian Kent , David Miller , linux-kernel@vger.kernel.org, autofs@vger.kernel.org, Thomas Meyer , Al Viro Subject: Re: compat: autofs v5 packet size ambiguity - update References: <20120221.221609.218135609185671883.davem@davemloft.net> <1329889428.2193.45.camel@perseus.themaw.net> <4F4484F0.9070501@zytor.com> <4F4529D4.6070008@zytor.com> In-Reply-To: X-Enigmail-Version: 1.3.5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 865 Lines: 25 On 02/22/2012 10:16 AM, Linus Torvalds wrote: > > Because that padding word for size is just random data. > > In fact, we probably should clear it. I suspect we leak kernel stack > contents to autofs. Not that it matters (system daemon with root > privileges and all that), but it's another case of the whole "packing > data structures" issue. > Fortunately this is not true -- there is a memset(0) of the entire packet before the packet is built in kernel space. Otherwise we'd have a security hole. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/