lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 17 Jun 2024 18:29:07 +0800
From: Chengming Zhou <chengming.zhou@...ux.dev>
To: Vlastimil Babka <vbabka@...e.cz>,
 "Christoph Lameter (Ampere)" <cl@...ux.com>
Cc: Pekka Enberg <penberg@...nel.org>, David Rientjes <rientjes@...gle.com>,
 Joonsoo Kim <iamjoonsoo.kim@....com>,
 Andrew Morton <akpm@...ux-foundation.org>,
 Roman Gushchin <roman.gushchin@...ux.dev>,
 Hyeonggon Yoo <42.hyeyoo@...il.com>, Feng Tang <feng.tang@...el.com>,
 linux-mm@...ck.org, linux-kernel@...r.kernel.org,
 zhouchengming@...edance.com, Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH v3 1/3] slab: make check_object() more consistent

On 2024/6/17 17:51, Vlastimil Babka wrote:
> On 6/14/24 4:40 AM, Chengming Zhou wrote:
>> On 2024/6/12 06:52, Christoph Lameter (Ampere) wrote:
>>> On Mon, 10 Jun 2024, Vlastimil Babka wrote:
>>>
>>>> Even if some security people enable parts of slub debugging for security
>>>> people it is my impression they would rather panic/reboot or have memory
>>>> leaked than trying to salvage the slab page? (CC Kees)
>>>
>>> In the past these resilience features have been used to allow the continued operation of a broken kernel.
>>>
>>> So first the Kernel crashed with some obscure oops in the allocator due to metadata corruption.
>>>
>>> One can then put a slub_debug option on the kernel command line which will result in detailed error reports on what caused the corruption. It will also activate resilience measures that will often allow the continued operation until a fix becomes available.
>>
>> This reminds me that we can't toggle slub_debug options for kmem_cache in runtime,
>> I'm wondering is it useful to be able to enable/disable debug options in runtime?
>> We can implement this feature by using per-slab debug options, so per-slab has
>> independent execution path, in which some slabs with debug options enabled go
>> the slow path, while others can still go fast path.
> 
> Many of the debug options change the layout of objects in slabs (i.e. affect
> calculate_sizes()) so it would be very complicated to change things in
Yeah, so each slab in the same kmem_cache can have different layout (caused by
different debug_options enabled), we use these different information to decide
which path each slab should go.

Then the problem is saving these different layout information for each slab,
which has an unused _mapcount to reuse, can be used as index to find its layout
information in the kmem_cache.

I haven't thought too much about this, so must be missing something.

Thanks.

> runtime. Also the cache might be merged with other ones if it boots without
> debug... I don't think it would be feasible at all.
> 
>> No sure if it's useful in some cases? Maybe KFENCE is enough? Just my random thoughts.
>>
>> Thanks.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ