| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YgwHhTN4P5yyZqBz@dhcp22.suse.cz>
Date: Tue, 15 Feb 2022 21:05:25 +0100
From: Michal Hocko <mhocko@...e.com>
To: Suren Baghdasaryan <surenb@...gle.com>
Cc: akpm@...ux-foundation.org, ccross@...gle.com,
sumit.semwal@...aro.org, dave.hansen@...el.com,
keescook@...omium.org, willy@...radead.org,
kirill.shutemov@...ux.intel.com, vbabka@...e.cz,
hannes@...xchg.org, ebiederm@...ssion.com, brauner@...nel.org,
legion@...nel.org, ran.xiaokai@....com.cn, sashal@...nel.org,
chris.hyser@...cle.com, dave@...olabs.net, pcc@...gle.com,
caoxiaofeng@...ong.com, david@...hat.com, gorcunov@...il.com,
linux-mm@...ck.org, linux-kernel@...r.kernel.org,
kernel-team@...roid.com,
syzbot+aa7b3d4b35f9dc46a366@...kaller.appspotmail.com
Subject: Re: [PATCH v3 1/1] mm: fix use-after-free when anon vma name is used
after vma is freed
One thing I was considering is to check agains ref counte overflo (a
deep process chain with many vmas could grow really high. ref_count
interface doesn't provide any easy way to check for overflows as far as
I could see from a quick glance so I gave up there but the logic would
be really straightforward. We just create a new anon_vma_name with the same
content and use it when duplicating if the usage grow really
(arbitrarily) high.
--
Michal Hocko
SUSE Labs
Powered by blists - more mailing lists