Linux MINCORE System Call Changed To Avoid Information Leaks
Written by Michael Larabel in Linux Kernel on 6 January 2019 at 05:56 PM EST. 1 Comment
LINUX KERNEL --
While Linus Torvalds tends to be very strict about accepting kernel changes that have the potential of breaking user-space, he himself authored a patch today to change the mincore() system call to enhance the security.

The MINCORE syscall has long been around back to the Linux 2.3 days for indicating whether memory pages of a process are resident in the memory (RAM). Rather than counting the number of cached pages, as of Linux 4.21/5.0, calling mincore() will now count the number of mapped pages as opposed to cached pages.

Linus explained with his patch, "The problem with that traditional semantic is that it exposes a lot of system cache state that it really probably shouldn't, and that users shouldn't really even care about. So let's try to avoid that information leak by simply changing the semantics to be that mincore() counts actual mapped pages, not pages that might be cheaply mapped if they were faulted...In many ways the old semantics were somewhat insane even aside from the information leak issue."

This does affect the output for fincore and potentially other user-space code. But Linus is "hoping that nobody actually has any workflow that cares, and the info leak is real." They may end up changing the MINCORE semantics still depending upon whether valid use-cases are mentioned for the old behavior and if it can still be altered to avoid the potential information leak.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Linux Kernel News
Popular News This Week