md(4) (swap-base) disks not cleaned on creation
Dag-Erling Smørgrav
des at des.no
Wed Nov 7 12:36:58 UTC 2012
Konstantin Belousov <kostikbel at gmail.com> writes:
> It is definitely not a security issue.
I disagree. There may be legitimate reasons for root to create an md
and give read access to an unprivileged user, under the assumption that
it is zeroed; or to allow root in a jail to create mds.
> That said, the following patch should fix the nit. I am unsure about
> it, because it fixes a mostly non-issue by spending CPU time to zero a
> page which would be either zeroed or overwritten right now anyway in
> normal usage.
You can at least partly mitigate this by adding VM_ALLOC_ZERO to the
flags passed to vm_page_grab() on line 666 and then checking the PG_ZERO
bit in m->flags.
DES
--
Dag-Erling Smørgrav - des at des.no
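
The following is an added example, not code from the thread or from FreeBSD: a userspace C model of the suggestion above, showing a recycled page leaking its previous contents into a new md and the PG_ZERO check limiting explicit zeroing to pages not already known to be zero. The flag values, the two-page pool and the names `model_page_grab()` and `md_new_page()` are assumptions made for the model.

```c
#include <stdio.h>
#include <string.h>

/* Model values for this example only; the real definitions are in the kernel headers. */
#define MODEL_PAGE_SIZE 4096
#define VM_ALLOC_ZERO 0x01 /* request flag: caller would like a pre-zeroed page */
#define PG_ZERO 0x01       /* page flag: contents are known to be all zero */

struct model_page { int flags; unsigned char data[MODEL_PAGE_SIZE]; };
static struct model_page pool[2]; /* hypothetical two-page free pool */
static unsigned next_free, zero_calls;

/* Page 0 is pre-zeroed; page 1 still holds a previous owner's data (constructed sample). */
static void model_pool_reset(void) {
    memset(pool, 0, sizeof(pool));
    pool[0].flags = PG_ZERO;
    memcpy(pool[1].data, "stale secret", 12);
    next_free = zero_calls = 0;
}

/* Hypothetical stand-in for vm_page_grab(): PG_ZERO is reported only if VM_ALLOC_ZERO was requested. */
static struct model_page *model_page_grab(int req) {
    struct model_page *m = &pool[next_free++ % 2];
    if ((req & VM_ALLOC_ZERO) == 0)
        m->flags &= ~PG_ZERO;
    return m;
}

/* Back one page of a new md: zero it unless the allocator says it is already zero. */
static struct model_page *md_new_page(int zero_on_create) {
    struct model_page *m = model_page_grab(VM_ALLOC_ZERO);
    if (zero_on_create && (m->flags & PG_ZERO) == 0) {
        memset(m->data, 0, sizeof(m->data));
        zero_calls++;
    }
    return m;
}

static int page_is_zero(const struct model_page *m) {
    for (size_t i = 0; i < sizeof(m->data); i++)
        if (m->data[i] != 0) return 0;
    return 1;
}

int main(void) {
    model_pool_reset(); md_new_page(0);
    int leak = !page_is_zero(md_new_page(0));
    model_pool_reset(); md_new_page(1);
    int clean = page_is_zero(md_new_page(1));
    printf("unzeroed md leaks: %d; zeroed md clean: %d; explicit zeroings: %u\n", leak, clean, zero_calls);
    return 0;
}
```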