lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 02 Mar 2012 17:17:39 -0800 From: "H. Peter Anvin" <hpa@...or.com> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: Andi Kleen <andi@...stfloor.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Al Viro <viro@...iv.linux.org.uk> Subject: Re: Word-at-a-time dcache name accesses (was Re: .. anybody know of any filesystems that depend on the exact VFS 'namehash' implementation?) On 03/02/2012 05:11 PM, Linus Torvalds wrote: > On Fri, Mar 2, 2012 at 5:02 PM, H. Peter Anvin <hpa@...or.com> wrote: >> >> Note that does mean we need a guard page after each and every >> discontiguous RAM range, not just the last one. Raising that issue >> since we have had serious bugs in that area in the past. > > Are you sure? I didn't think we even *mapped* things at that granularity. > > We only really need a guard page at the end of an actual end-of-ram > where we no longer have page tables and/or could hit device space. > Yes of course. Note that I'm currently pushing for mapping only RAM regions; we have a lot of bugs and workarounds related to mapping too much, and the answer to fixing that should be pretty obvious. > For robustness and actual deployment, I do think that yes, we do want > to make it an explicit rule. Definitely. Ideally those pages should be zeroed and mapped readonly. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists