lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250712192202.707192-5-gatlin.newhouse@gmail.com>
Date: Sat, 12 Jul 2025 19:21:49 +0000
From: Gatlin Newhouse <gatlin.newhouse@...il.com>
To: linux-hardening@...r.kernel.org
Cc: Gatlin Newhouse <gatlin.newhouse@...il.com>
Subject: [RFC v1 04/17] sched: add protection to task_struct

Adds caching data structure for every task structure and optionally adds
a statistics structure to each as well.
---
 include/linux/sched.h | 11 +++++++++++
 init/init_task.c      | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/include/linux/sched.h b/include/linux/sched.h
index 4f78a64beb52..f2de0e565696 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -48,6 +48,10 @@
 #include <linux/tracepoint-defs.h>
 #include <asm/kmap_size.h>
 
+#ifdef CONFIG_SAFEFETCH
+#include <linux/safefetch.h>
+#endif
+
 /* task_struct member predeclarations (sorted alphabetically): */
 struct audit_context;
 struct bio_list;
@@ -1654,6 +1658,13 @@ struct task_struct {
 	struct user_event_mm		*user_event_mm;
 #endif
 
+#ifdef CONFIG_SAFEFETCH
+	struct df_prot_struct		df_prot_struct_head;
+#ifdef SAFEFETCH_DEBUG
+	struct df_stats_struct		df_stats;
+#endif
+#endif
+
 	/* CPU-specific state of this task: */
 	struct thread_struct		thread;
 
diff --git a/init/init_task.c b/init/init_task.c
index e557f622bd90..a378271cf3a2 100644
--- a/init/init_task.c
+++ b/init/init_task.c
@@ -17,6 +17,10 @@
 
 #include <linux/uaccess.h>
 
+#ifdef CONFIG_SAFEFETCH
+#include <linux/safefetch.h>
+#endif
+
 static struct signal_struct init_signals = {
 	.nr_threads	= 1,
 	.thread_head	= LIST_HEAD_INIT(init_task.thread_node),
@@ -220,6 +224,13 @@ struct task_struct init_task __aligned(L1_CACHE_BYTES) = {
 #ifdef CONFIG_SECCOMP_FILTER
 	.seccomp	= { .filter_count = ATOMIC_INIT(0) },
 #endif
+#ifdef CONFIG_SAFEFETCH
+#ifndef SAFEFETCH_MEASURE_DEFENSE
+	.df_prot_struct_head = {  .df_mem_range_allocator = { .initialized = 0 }, .df_metadata_allocator = {.first = 0, .initialized = 0, .extended = 0}, .df_storage_allocator = {.first = 0, .initialized = 0, .extended = 0}},
+#else
+	.df_prot_struct_head = {  .df_mem_range_allocator = { .initialized = 0 }, .df_metadata_allocator = {.first = 0, .initialized = 0, .extended = 0}, .df_storage_allocator = {.first = 0, .initialized = 0, .extended = 0}, .df_measures = {.search_time = 0, .insert_time = 0, .counter = 0}},
+#endif
+#endif
 };
 EXPORT_SYMBOL(init_task);
 
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ