| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120217033252.GB22823@kroah.com> Date: Thu, 16 Feb 2012 19:32:52 -0800 From: Greg KH <gregkh@...uxfoundation.org> To: David Windsor <dwindsor@...il.com> Cc: Kees Cook <keescook@...omium.org>, pageexec@...email.hu, Ubuntu security discussion <ubuntu-hardened@...ts.ubuntu.com>, spender@...ecurity.net, linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com Subject: Re: [ubuntu-hardened] Add overflow protection to kref On Thu, Feb 16, 2012 at 09:48:38PM -0500, David Windsor wrote: > <snip> > > >> > >> I have yet to see a patch, so why are we arguing about this? :) > >> > >> Again, I don't know of any kref overflows that have ever happened, so > >> trying to "protect" this type of thing, seems odd to me. > > > > Well, I think the issue was to protect counting things (which seems to > > be what PaX was after originally), and that kref seemed like the place > > to put it. I'll let David take it further. > > > > Patches are forthcoming that will first introduce overflow protection > to kref. Once that's in place, I'll move a few refcount users from > atomic_t to kref as a reference for other subsystems; I'd like to see some more users first, as I don't see how the current users could ever overflow an atomic_t, so any changes to prevent this will be kind of pointless, right? So feel free to send all of these changes together. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists