| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Dec 2008 17:02:44 +0000 From: Catalin Marinas <catalin.marinas@....com> To: Christoph Lameter <cl@...ux-foundation.org> Cc: Pekka Enberg <penberg@...helsinki.fi>, linux-kernel@...r.kernel.org Subject: Re: [PATCH 03/15] kmemleak: Add the slab memory allocation/freeing hooks On Thu, 2008-12-18 at 10:49 -0600, Christoph Lameter wrote: > On Thu, 18 Dec 2008, Catalin Marinas wrote: > > > In the ____cache_alloc() kmemleak clears the > > cachep->array->entry[ac->avail] pointer but this may not be enough as > > freed and later re-allocated objects may have pointers in the alien > > cache (is that correct?). A better approach (haven't tried it yet) would > > be not to scan objects allocated via alloc_arraycache() at all. However, > > there is still the initarray_cache/generic which are automatically > > scanned via the data section (unless I add an attribute to place them in > > a different, not scanned, section). > > An allocated object is not part of any cache in SLAB. Only freed objects > are kept in the slab queues. A freed object can only be in one queue at a > time. OK, but is there a chance that an stale pointer remains in such caches? There seems to be the transfer_objects() function that moves pointers around but doesn't clear the source values. -- Catalin -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists