lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <57641364.5000001@virtuozzo.com>
Date:	Fri, 17 Jun 2016 18:12:36 +0300
From:	Andrey Ryabinin <aryabinin@...tuozzo.com>
To:	Alexander Potapenko <glider@...gle.com>
CC:	Andrey Konovalov <adech.fo@...il.com>,
	Christoph Lameter <cl@...ux.com>,
	Dmitriy Vyukov <dvyukov@...gle.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Joonsoo Kim <iamjoonsoo.kim@....com>,
	Joonsoo Kim <js1304@...il.com>,
	Kostya Serebryany <kcc@...gle.com>,
	Kuthonuzo Luruo <kuthonuzo.luruo@....com>,
	kasan-dev <kasan-dev@...glegroups.com>,
	Linux Memory Management List <linux-mm@...ck.org>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3] mm, kasan: switch SLUB to stackdepot, enable memory
 quarantine for SLUB



On 06/17/2016 05:27 PM, Alexander Potapenko wrote:
> On Wed, Jun 15, 2016 at 6:50 PM, Andrey Ryabinin
> <aryabinin@...tuozzo.com> wrote:
>>
>>
>> On 06/15/2016 06:26 PM, Alexander Potapenko wrote:
>>> For KASAN builds:
>>>  - switch SLUB allocator to using stackdepot instead of storing the
>>>    allocation/deallocation stacks in the objects;
>>>  - define SLAB_RED_ZONE, SLAB_POISON, SLAB_STORE_USER to zero,
>>>    effectively disabling these debug features, as they're redundant in
>>>    the presence of KASAN;
>>
>> So, why we forbid these? If user wants to set these, why not? If you don't want it, just don't turn them on, that's it.
> SLAB_RED_ZONE simply doesn't work with KASAN.

Why? This sounds like a bug.

> With additional efforts it may work, but I don't think we really need
> that. Extra red zones will just bloat the heap, and won't give any
> interesting signal except "someone corrupted this object from
> non-instrumented code".
> SLAB_POISON doesn't crash on simple tests, but I am not sure there are
> no corner cases which I haven't checked, so I thought it's safer to
> disable it.
> As I said before, we can make SLAB_STORE_USER use stackdepot in a
> later CL, thus we disable it now.
> 

This doesn't explain why we need this. What's the problem you are trying to solve by this? And why it is ok to silently ignore user requests?
You think that these options are redundant, I get it. Well, then just don't turn them on.
But, when a user requests for something, he expects that such request will be fulfilled, not just ignored.

>> And sometimes POISON/REDZONE might be actually useful. KASAN doesn't catch everything,
>> e.g. corruption may happen in assembly code, or DMA by  some device.
>>
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ