| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1490148199.16816.126.camel@edumazet-glaptop3.roam.corp.google.com>
Date: Tue, 21 Mar 2017 19:03:19 -0700
From: Eric Dumazet <eric.dumazet@...il.com>
To: Kees Cook <keescook@...omium.org>
Cc: Peter Zijlstra <peterz@...radead.org>,
Herbert Xu <herbert@...dor.apana.org.au>,
David Miller <davem@...emloft.net>,
"Reshetova, Elena" <elena.reshetova@...el.com>,
Network Development <netdev@...r.kernel.org>,
bridge@...ts.linux-foundation.org,
LKML <linux-kernel@...r.kernel.org>,
Alexey Kuznetsov <kuznet@....inr.ac.ru>,
James Morris <jmorris@...ei.org>,
Patrick McHardy <kaber@...sh.net>,
Stephen Hemminger <stephen@...workplumber.org>,
Hans Liljestrand <ishkamiel@...il.com>,
David Windsor <dwindsor@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH 07/17] net: convert sock.sk_refcnt from atomic_t to
refcount_t
On Tue, 2017-03-21 at 16:51 -0700, Kees Cook wrote:
> Am I understanding you correctly that you'd want something like:
>
> refcount.h:
> #ifdef UNPROTECTED_REFCOUNT
> #define refcount_inc(x) atomic_inc(x)
> ...
> #else
> void refcount_inc(...
> ...
> #endif
>
> some/net.c:
> #define UNPROTECTED_REFCOUNT
> #include <refcount.h>
>
> or similar?
At first, it could be something simple like that yes.
Note that we might define two refcount_inc() : One that does whole
tests, and refcount_inc_relaxed() that might translate to atomic_inc()
on non debug kernels.
Then later, maybe provide a dynamic infrastructure so that we can
dynamically force the full checks even for refcount_inc_relaxed() on say
1% of the hosts, to get better debug coverage ?
Powered by blists - more mailing lists