| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 09 Aug 2006 05:09:11 +0200 From: Andi Kleen <ak@...e.de> To: Kirill Korotaev <dev@...ru> Cc: Andrew Morton <akpm@...l.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, haveblue@...ibm.com, linux-arch@...r.kernel.org Subject: Re: [PATCH] sys_getppid oopses on debug kernel Kirill Korotaev <dev@...ru> writes: [adding linux-arch] > > Accessing freed memory is a bug, always, not just *only* when slab > > debugging is on, right? Doesn't this mean we could get junk, or that > > the reader could potentially run off a bad pointer? > no, read the comment in sys_getppid. > It is a valid optimization. _safe_ and alowing to bypass taking the lock. > BUT! This optimization relies on the fact that kernel memory (DMA + normal zone) > is always mapped into virtual address space. > Which is invalid for debug kernels only. In x86 arch code we would use __get_user for this (and we do in a couple of places). But it wouldn't be portable because sometimes _user is in a different address space. Maybe it would be time to make a similar facility (read/write_kernel_safe() or similar) with error return available to generic code? It should be easy to implement - iirc near all architectures already use the exception handling frame work and it is a simple extension of that. x86 could just define it to __put/get_user -Andi - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists