Linux MINCORE System Call Changed To Avoid Information Leaks

Written by Michael Larabel in Linux Kernel on 6 January 2019 at 05:56 PM EST. 1 Comment
LINUX KERNEL
While Linus Torvalds tends to be very strict about accepting kernel changes that have the potential of breaking user-space, he himself authored a patch today to change the mincore() system call to enhance the security.

The MINCORE syscall has long been around back to the Linux 2.3 days for indicating whether memory pages of a process are resident in the memory (RAM). Rather than counting the number of cached pages, as of Linux 4.21/5.0, calling mincore() will now count the number of mapped pages as opposed to cached pages.

Linus explained with his patch, "The problem with that traditional semantic is that it exposes a lot of system cache state that it really probably shouldn't, and that users shouldn't really even care about. So let's try to avoid that information leak by simply changing the semantics to be that mincore() counts actual mapped pages, not pages that might be cheaply mapped if they were faulted...In many ways the old semantics were somewhat insane even aside from the information leak issue."

This does affect the output for fincore and potentially other user-space code. But Linus is "hoping that nobody actually has any workflow that cares, and the info leak is real." They may end up changing the MINCORE semantics still depending upon whether valid use-cases are mentioned for the old behavior and if it can still be altered to avoid the potential information leak.
1 Comment
Related News
Linux 6.6.66 LTS Kernel Released With New Hardware Support & Many Fixes
NTSYNC Linux Driver Updated With API Design Improvements
New Linux Patch Establishes "CONFIG_X86_64_NATIVE" For -march=native Kernel Builds
Perf Support For 2,048 CPU Cores Is Becoming Not Enough - Patches Bump Kernel Limit
Linux 6.13-rc2 Released With An Initial Batch Of Fixes
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
KDE Starts December By Landing A Number Of New Features
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries