[SATLUG] New kernel security problem
Paul S. Bains
slacker at satx.rr.com
Sun Jun 13 21:20:07 CDT 2004
What you are saying makes sense. Overwriting or erasing register
contents or areas of RAM that are in use is generally a bad thing...!
On Sun, 13 Jun 2004 18:06:53 -0500
"K. Spoon" <kell at spoonix.com> wrote:
> I found this via Google:
>
> FSAVE saves the entire floating-point unit state, including all the
> information saved by FSTENV plus the contents of all the registers,
> to a 94 or 108 byte area of memory (depending on the CPU mode).
> FRSTOR restores the floating-point state from the same area of
> memory.
>
> I'm guessing that the first call to FSAVE ensures that junk gets
> written to the space that should be used for holding information from
> the registers, and then when you call FRSTOR it wipes out useful
> registers (like the one that tracks where the CPU is in executing
> stuff on the stack :) with the garbage it just "saved".
>
> I'm no asm monkey, though, and I don't know much about x86 arch.
>
>
> --
> K. Spoon <kell at spoonix.com>
> _______________________________________________
> Satlug mailing list
> Satlug at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug
--
Linuxcult - are you geek enough?
http://www.linuxcult.com/