| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150518130213.GA771@amd> Date: Mon, 18 May 2015 15:02:13 +0200 From: Pavel Machek <pavel@....cz> To: Anisse Astier <anisse@...ier.eu> Cc: Andrew Morton <akpm@...ux-foundation.org>, Mel Gorman <mgorman@...e.de>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, David Rientjes <rientjes@...gle.com>, Alan Cox <gnomes@...rguk.ukuu.org.uk>, Linus Torvalds <torvalds@...ux-foundation.org>, Peter Zijlstra <peterz@...radead.org>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Kees Cook <keescook@...omium.org>, Andi Kleen <andi@...stfloor.org>, "Rafael J. Wysocki" <rjw@...ysocki.net>, Len Brown <len.brown@...el.com>, linux-mm@...ck.org, Linux PM list <linux-pm@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v4 2/3] mm/page_alloc.c: add config option to sanitize freed pages On Mon 2015-05-18 14:41:19, Anisse Astier wrote: > On Mon, May 18, 2015 at 1:21 PM, Pavel Machek <pavel@....cz> wrote: > > On Thu 2015-05-14 16:19:47, Anisse Astier wrote: > >> This new config option will sanitize all freed pages. This is a pretty > >> low-level change useful to track some cases of use-after-free, help > >> kernel same-page merging in VM environments, and counter a few info > >> leaks. > > > > Could you document the "few info leaks"? We may want to fix them for > > !SANTIZE_FREED_PAGES case, too... > > > > I wish I could; I'd be sending patches for those info leaks, too. > > What I meant is that this feature can also be used as a general > protection mechanism against a certain class of info leaks; for > example, some drivers allocating pages that were previously used by > other subsystems, and then sending structures to userspace that > contain padding or uninitialized fields, leaking kernel pointers. > Having all pages cleared unconditionally can help a bit in some cases > (hence "a few"), but it's of course not an end-all solution. Ok. So there is class of errors where this helps, but you are not aware of any such errors in kernel, so you can't fix them... Right? > I'll edit the commit and kconfig messages to be more precise. Thanks, Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists