Re: [PATCH] (please check) Potential security fix for i386/kernel/ptrace.c

Jamie Lokier (lkd@tantalophile.demon.co.uk)
Mon, 21 Sep 1998 01:18:48 +0100


On Sun, Sep 20, 1998 at 04:09:00PM -0700, Linus Torvalds wrote:
> It should actually be safe. The debug trap handler is careful to not
> acquire any locks (i.e. no deadlock situations), and should always ignore
> events from kernel space.

It would still cause a slowdown, perhaps somewhere critical (interrupt
handler, syscall entry point etc). If a breakpoint is placed in
encryption code or the /dev/random driver, the timing effects would leak
information.

What happens if a breakpoint is placed in the debug trap handler, the
syscall entry point, ret_from_syscall etc.?

> The patch looks fine regardless, but I want to have a robust system, and
> that does mean that even if somebody can trigger a debug trap in the
> kernel (easy to do by just having a read() system call write over
> something you want to get the trap on in user mode) then the kernel should
> not really have to care anyway.

It does make sense for the debug trap to be robust as well.

-- Jamie
