lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 02 Mar 2012 17:17:39 -0800
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
CC:	Andi Kleen <andi@...stfloor.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>,
	Al Viro <viro@...iv.linux.org.uk>
Subject: Re: Word-at-a-time dcache name accesses (was Re: .. anybody know
 of any filesystems that depend on the exact VFS 'namehash' implementation?)

On 03/02/2012 05:11 PM, Linus Torvalds wrote:
> On Fri, Mar 2, 2012 at 5:02 PM, H. Peter Anvin <hpa@...or.com> wrote:
>>
>> Note that does mean we need a guard page after each and every
>> discontiguous RAM range, not just the last one.  Raising that issue
>> since we have had serious bugs in that area in the past.
> 
> Are you sure? I didn't think we even *mapped* things at that granularity.
> 
> We only really need a guard page at the end of an actual end-of-ram
> where we no longer have page tables and/or could hit device space.
> 

Yes of course.  Note that I'm currently pushing for mapping only RAM
regions; we have a lot of bugs and workarounds related to mapping too
much, and the answer to fixing that should be pretty obvious.

> For robustness and actual deployment, I do think that yes, we do want
> to make it an explicit rule.

Definitely.  Ideally those pages should be zeroed and mapped readonly.

	-hpa



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists