| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Feb 2012 17:44:57 -0800 From: Roland Dreier <roland@...estorage.com> To: Djalal Harouni <tixxdz@...ndz.org> Cc: Vasiliy Kulikov <segoon@...nwall.com>, kernel-hardening@...ts.openwall.com, Kees Cook <keescook@...omium.org>, Ubuntu security discussion <ubuntu-hardened@...ts.ubuntu.com>, linux-kernel@...r.kernel.org, David Windsor <dwindsor@...il.com>, pageexec@...email.hu, spender@...ecurity.net, gregkh@...uxfoundation.org Subject: Re: [kernel-hardening] Re: Add overflow protection to kref On Fri, Feb 17, 2012 at 3:39 PM, Djalal Harouni <tixxdz@...ndz.org> wrote: >> 2) what to do with architectures-loosers? > There is lib/atomic64.c but with a static hashed array of raw_spinlocks. Even leaving aside performance impact of atomic64_t (and probably in most cases the performance of kref is not important at all), it is unfortunate to bloat the size from 4 bytes to 8 bytes. It seems much better to have some out-of-line code for overflow checking rather than increasing the size of every data structure that embeds a kref. Greg, I'm not sure why you're opposed to adding this checking... it's pretty clear that buggy error paths that forget to do a put are pretty common and will continue to be common in new code, and making them harder to exploit seems pretty sane to me. What's the downside? - R. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists