| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAPAsAGyMyq_anQjErLa=L-0K3KmghMjoqzi0AdZOADTAECn1HA@mail.gmail.com> Date: Thu, 22 Jan 2015 09:53:06 +0400 From: Andrey Ryabinin <ryabinin.a.a@...il.com> To: Sasha Levin <sasha.levin@...cle.com> Cc: Andrey Ryabinin <a.ryabinin@...sung.com>, LKML <linux-kernel@...r.kernel.org>, Dmitry Vyukov <dvyukov@...gle.com>, Konstantin Serebryany <kcc@...gle.com>, Dmitry Chernenkov <dmitryc@...gle.com>, Andrey Konovalov <adech.fo@...il.com>, Yuri Gribov <tetra2005@...il.com>, Konstantin Khlebnikov <koct9i@...il.com>, Michal Marek <mmarek@...e.cz>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>, David Rientjes <rientjes@...gle.com>, Joonsoo Kim <iamjoonsoo.kim@....com>, Andrew Morton <akpm@...ux-foundation.org>, Dave Hansen <dave.hansen@...el.com>, Andi Kleen <andi@...stfloor.org>, Vegard Nossum <vegard.nossum@...il.com>, "H. Peter Anvin" <hpa@...or.com>, "x86@...nel.org" <x86@...nel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, Randy Dunlap <rdunlap@...radead.org>, Peter Zijlstra <peterz@...radead.org>, Alexander Viro <viro@...iv.linux.org.uk>, Dave Jones <davej@...hat.com>, Jonathan Corbet <corbet@....net>, Linus Torvalds <torvalds@...ux-foundation.org>, Catalin Marinas <catalin.marinas@....com> Subject: Re: [PATCH v9 00/17] Kernel address sanitizer - runtime memory debugger. 2015-01-22 8:34 GMT+03:00 Andrey Ryabinin <ryabinin.a.a@...il.com>: > 2015-01-22 3:22 GMT+03:00 Sasha Levin <sasha.levin@...cle.com>: >> On 01/21/2015 11:51 AM, Andrey Ryabinin wrote: >>> Changes since v8: >>> - Fixed unpoisoned redzones for not-allocated-yet object >>> in newly allocated slab page. (from Dmitry C.) >>> >>> - Some minor non-function cleanups in kasan internals. >>> >>> - Added ack from Catalin >>> >>> - Added stack instrumentation. With this we could detect >>> out of bounds accesses in stack variables. (patch 12) >>> >>> - Added globals instrumentation - catching out of bounds in >>> global varibles. (patches 13-17) >>> >>> - Shadow moved out from vmalloc into hole between vmemmap >>> and %esp fixup stacks. For globals instrumentation >>> we will need shadow backing modules addresses. >>> So we need some sort of a shadow memory allocator >>> (something like vmmemap_populate() function, except >>> that it should be available after boot). >>> >>> __vmalloc_node_range() suits that purpose, except that >>> it can't be used for allocating for shadow in vmalloc >>> area because shadow in vmalloc is already 'allocated' >>> to protect us from other vmalloc users. So we need >>> 16TB of unused addresses. And we have big enough hole >>> between vmemmap and %esp fixup stacks. So I moved shadow >>> there. >> >> I'm not sure which new addition caused it, but I'm getting tons of >> false positives from platform drivers trying to access memory they >> don't "own" - because they expect to find hardware there. >> > > To be sure, that this is really false positives, could you try with > patches in attachment? Attaching properly formed patches View attachment "0001-backlight-da9052_bl-terminate-da9052_wled_ids-array-.patch" of type "text/x-patch" (892 bytes) View attachment "0002-crypto-ccp-terminate-ccp_support-array-with-empty-el.patch" of type "text/x-patch" (816 bytes) View attachment "0003-rtc-s5m-terminate-s5m_rtc_id-array-with-empty-elemen.patch" of type "text/x-patch" (865 bytes)
Powered by blists - more mailing lists