lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <202108181030.F007BCE205@keescook>
Date:   Wed, 18 Aug 2021 10:32:03 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] lkdtm/heap: Avoid __alloc_size hint warning

On Wed, Aug 18, 2021 at 04:01:26PM +0200, Greg Kroah-Hartman wrote:
> On Tue, Aug 17, 2021 at 09:45:40PM -0700, Kees Cook wrote:
> > Once __alloc_size hints have been added, the compiler will
> > (correctly!) see this as an overflow. We are, however, trying to test
> > for this condition, so work around it with a volatile int.
> > 
> > Signed-off-by: Kees Cook <keescook@...omium.org>
> > ---
> >  drivers/misc/lkdtm/heap.c | 4 +++-
> >  1 file changed, 3 insertions(+), 1 deletion(-)
> > 
> > diff --git a/drivers/misc/lkdtm/heap.c b/drivers/misc/lkdtm/heap.c
> > index 3d9aae5821a0..e59fcbe00ae0 100644
> > --- a/drivers/misc/lkdtm/heap.c
> > +++ b/drivers/misc/lkdtm/heap.c
> > @@ -12,6 +12,8 @@ static struct kmem_cache *double_free_cache;
> >  static struct kmem_cache *a_cache;
> >  static struct kmem_cache *b_cache;
> >  
> > +static volatile int __offset = 1;
> 
> Perhaps a comment here as to why volatile is ok to use?  That feels like
> it is a hack around the compiler of today, what happens tomorrow when
> newer versions decide to ignore volatile as it "knows" no one ever
> changes it?

Sure, I can do that. LKDTM uses this a lot because it, by definition,
means the compiler cannot assume it knows anything about its value. (And
as such reloads from memory at every use, which is why it's frowned upon
anywhere else in the kernel.)

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ