lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 11 Jun 2024 15:52:49 -0700 (PDT)
From: "Christoph Lameter (Ampere)" <cl@...ux.com>
To: Vlastimil Babka <vbabka@...e.cz>
cc: Chengming Zhou <chengming.zhou@...ux.dev>, 
    Pekka Enberg <penberg@...nel.org>, David Rientjes <rientjes@...gle.com>, 
    Joonsoo Kim <iamjoonsoo.kim@....com>, 
    Andrew Morton <akpm@...ux-foundation.org>, 
    Roman Gushchin <roman.gushchin@...ux.dev>, 
    Hyeonggon Yoo <42.hyeyoo@...il.com>, Feng Tang <feng.tang@...el.com>, 
    linux-mm@...ck.org, linux-kernel@...r.kernel.org, 
    zhouchengming@...edance.com, Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH v3 1/3] slab: make check_object() more consistent

On Mon, 10 Jun 2024, Vlastimil Babka wrote:

> Even if some security people enable parts of slub debugging for security
> people it is my impression they would rather panic/reboot or have memory
> leaked than trying to salvage the slab page? (CC Kees)

In the past these resilience features have been used to allow the 
continued operation of a broken kernel.

So first the Kernel crashed with some obscure oops in the allocator due 
to metadata corruption.

One can then put a slub_debug option on the kernel command line which will 
result in detailed error reports on what caused the corruption. It will 
also activate resilience measures that will often allow the continued 
operation until a fix becomes available.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ