lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 28 Mar 2017 14:00:01 +0000
From:   "Reshetova, Elena" <elena.reshetova@...el.com>
To:     David Laight <David.Laight@...LAB.COM>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
        "linux-hams@...r.kernel.org" <linux-hams@...r.kernel.org>,
        "linux-ppp@...r.kernel.org" <linux-ppp@...r.kernel.org>,
        "linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
        "ganeshgr@...lsio.com" <ganeshgr@...lsio.com>,
        "nbd@...nwrt.org" <nbd@...nwrt.org>,
        "blogic@...nwrt.org" <blogic@...nwrt.org>,
        "matthias.bgg@...il.com" <matthias.bgg@...il.com>,
        "yishaih@...lanox.com" <yishaih@...lanox.com>,
        "saeedm@...lanox.com" <saeedm@...lanox.com>,
        "matanb@...lanox.com" <matanb@...lanox.com>,
        "leonro@...lanox.com" <leonro@...lanox.com>,
        "ajk@...nets.uni-bremen.de" <ajk@...nets.uni-bremen.de>,
        "paulus@...ba.org" <paulus@...ba.org>, "j@...fi" <j@...fi>,
        "kvalo@...eaurora.org" <kvalo@...eaurora.org>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        Hans Liljestrand <ishkamiel@...il.com>,
        "David Windsor" <dwindsor@...il.com>
Subject: RE: [PATCH 06/16] drivers, net, mlx5: convert mlx5_cq.refcount from
 atomic_t to refcount_t


> From: Elena Reshetova
> > Sent: 28 March 2017 09:57
> >
> > refcount_t type and corresponding API should be
> > used instead of atomic_t when the variable is used as
> > a reference counter. This allows to avoid accidental
> > refcounter overflows that might lead to use-after-free
> > situations.
> 
> I can't help feeling that you ought to find a scheme
> that will detect extra decrements and extra increments
> before the counter wraps 32 bits.
> 
> If an extra reference is requested every 100us it takes 4.8 days
> for the counter to increment back to zero.
> Simple tests aren't doing to find that - but it can easily happen
> on a system that is running for several years.

So, you are proposing to try detecting this case instead of preventing overflows?
Not sure how this would look like in a generic form...



> 
> 	David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ