| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YXhHq52jDrU61V4E@casper.infradead.org>
Date: Tue, 26 Oct 2021 19:23:39 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Pasha Tatashin <pasha.tatashin@...een.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org,
linux-m68k@...ts.linux-m68k.org, anshuman.khandual@....com,
akpm@...ux-foundation.org, william.kucharski@...cle.com,
mike.kravetz@...cle.com, vbabka@...e.cz, geert@...ux-m68k.org,
schmitzmic@...il.com, rostedt@...dmis.org, mingo@...hat.com,
hannes@...xchg.org, guro@...com, songmuchun@...edance.com,
weixugc@...gle.com, gthelen@...gle.com
Subject: Re: [RFC 0/8] Hardening page _refcount
On Tue, Oct 26, 2021 at 05:38:14PM +0000, Pasha Tatashin wrote:
> It is hard to root cause _refcount problems, because they usually
> manifest after the damage has occurred. Yet, they can lead to
> catastrophic failures such memory corruptions.
>
> Improve debugability by adding more checks that ensure that
> page->_refcount never turns negative (i.e. double free does not
> happen, or free after freeze etc).
>
> - Check for overflow and underflow right from the functions that
> modify _refcount
> - Remove set_page_count(), so we do not unconditionally overwrite
> _refcount with an unrestrained value
> - Trace return values in all functions that modify _refcount
I think this is overkill. Won't we get exactly the same protection
by simply testing that page->_refcount == 0 in set_page_count()?
Anything which triggers that BUG_ON would already be buggy because
it can race with speculative gets.
Powered by blists - more mailing lists