lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 21 Apr 2022 10:50:10 +0200
From:   Marco Elver <elver@...gle.com>
To:     Shaobo Huang <huangshaobo6@...wei.com>
Cc:     akpm@...ux-foundation.org, chenzefeng2@...wei.com,
        dvyukov@...gle.com, glider@...gle.com, kasan-dev@...glegroups.com,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        nixiaoming@...wei.com, wangbing6@...wei.com,
        wangfangpeng1@...wei.com, young.liuyang@...wei.com,
        zengweilin@...wei.com, zhongjubin@...wei.com
Subject: Re: [PATCH] kfence: check kfence canary in panic and reboot

On Thu, 21 Apr 2022 at 10:37, Shaobo Huang <huangshaobo6@...wei.com> wrote:
[...]
> > >  static int __init kfence_debugfs_init(void)
> > >  {
> > >     struct dentry *kfence_dir = debugfs_create_dir("kfence", NULL);
> > > @@ -806,6 +832,8 @@ static void kfence_init_enable(void)
> > >
> > >     WRITE_ONCE(kfence_enabled, true);
> > >     queue_delayed_work(system_unbound_wq, &kfence_timer, 0);
> > > +   register_reboot_notifier(&kfence_check_canary_notifier);
> > > +   atomic_notifier_chain_register(&panic_notifier_list, &kfence_check_canary_notifier);
> >
> > Executing this on panic is reasonable. However,
> > register_reboot_notifier() tells me this is being executed on *every*
> > reboot (not just panic). I think that's not what we want, because that
> > may increase reboot latency depending on how many KFENCE objects we
> > have. Is it possible to *only* do the check on panic?
>
> if oob occurs before reboot, reboot can also detect it, if not, the detection will be missing in this scenario.
> reboot and panic are two scenarios of system reset, so I think both scenarios need to be added.

That doesn't quite answer my question, why do you want to run the
check during normal reboot? As I understand it right now it will run
on any normal reboot, and also on panics. I have concerns adding these
checks to normal reboots because it may increase normal reboot
latency, which we do not want.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ