| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240924065653.GQ38742@google.com> Date: Tue, 24 Sep 2024 15:56:53 +0900 From: Sergey Senozhatsky <senozhatsky@...omium.org> To: Christoph Hellwig <hch@...radead.org> Cc: Sergey Senozhatsky <senozhatsky@...omium.org>, Andrew Morton <akpm@...ux-foundation.org>, Christophe JAILLET <christophe.jaillet@...adoo.fr>, Andrey Skvortsov <andrej.skvortzov@...il.com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org Subject: Re: [PATCHv2] mm: do not export const kfree and kstrdup variants On (24/09/23 23:43), Christoph Hellwig wrote: > On Tue, Sep 24, 2024 at 02:08:37PM +0900, Sergey Senozhatsky wrote: > > Both kfree_const() and kstrdup_const() use __start_rodata > > and __end_rodata, which do not work for modules. This is > > especially important for kfree_const(). Stop exporting > > these functions, as they cannot be used in the modules. > > Well, they do work when called from modules, they just don't work > on constant data that is in modules. There's also plenty of > existing callers in modules. > > So just unexporting them is going to break. The API is kinda > horrible, but an implementation to check for constants in modules > would also be quite horrible. So I don't have a good answer here, > but simply unexporting them is not going to cut it. Totally agree with all the points, I haven't looked at how popular that API was before sending out the patch. Is there some sort of "built time const" but for strings that we, perhaps, can add to kfree_const() (and make kfree_const() always inline)? So that we can turn this str = "boom"; ... kfree_const(str); into a safe scenario for modules.
Powered by blists - more mailing lists