lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJuCfpHRTGvctcEwXHd1bpfUiFa=A--zKmVBJggB5D9huPEdSA@mail.gmail.com>
Date: Fri, 9 May 2025 09:10:01 -0700
From: Suren Baghdasaryan <surenb@...gle.com>
To: David Wang <00107082@....com>
Cc: kent.overstreet@...ux.dev, akpm@...ux-foundation.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] alloc_tag: add timestamp to codetag iterator

On Thu, May 8, 2025 at 10:52 PM David Wang <00107082@....com> wrote:
>
> Codetag iterator use <id,address> pair to guarantee the
> validness. But both id and address can be reused, there is
> theoretical possibility when module inserted right after
> another module removed, kmalloc return an address kfree by
> previous module and IDR key reuse the key recently removed.
>
> Add timestamp to codetag_module and code_iterator, the
> timestamp is generated by a clock which is strickly
> incremented whenever a module is loaded. An iterator is
> valid if and only if its timestamp match codetag_module's.
>
> Signed-off-by: David Wang <00107082@....com>
> ---
>  include/linux/codetag.h |  1 +
>  lib/codetag.c           | 12 ++++++++++--
>  2 files changed, 11 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/codetag.h b/include/linux/codetag.h
> index d14dbd26b370..61d43c3fbd19 100644
> --- a/include/linux/codetag.h
> +++ b/include/linux/codetag.h
> @@ -54,6 +54,7 @@ struct codetag_iterator {
>         struct codetag_module *cmod;
>         unsigned long mod_id;
>         struct codetag *ct;
> +       unsigned long timestamp;

The way you implement this, it is not really a timestamp, more like a
unique id or sequence number. I would suggest calling it mod_seq or
something similar. Maybe: cttype->next_mod_seq, iter->mod_seq and
cmod->mod_seq.

>  };
>
>  #ifdef MODULE
> diff --git a/lib/codetag.c b/lib/codetag.c
> index 42aadd6c1454..973bfa5dd5db 100644
> --- a/lib/codetag.c
> +++ b/lib/codetag.c
> @@ -13,6 +13,8 @@ struct codetag_type {
>         struct idr mod_idr;
>         struct rw_semaphore mod_lock; /* protects mod_idr */

The comment above should be expanded to say that mod_lock also
protects accesses to cttype->clock, iter->timestamp and
cmod->timestamp.

>         struct codetag_type_desc desc;
> +       /* generates timestamp for module load */
> +       unsigned long clock;
>  };
>
>  struct codetag_range {
> @@ -23,6 +25,7 @@ struct codetag_range {
>  struct codetag_module {
>         struct module *mod;
>         struct codetag_range range;
> +       unsigned long timestamp;
>  };
>
>  static DEFINE_MUTEX(codetag_lock);
> @@ -48,6 +51,7 @@ struct codetag_iterator codetag_get_ct_iter(struct codetag_type *cttype)
>                 .cmod = NULL,
>                 .mod_id = 0,
>                 .ct = NULL,
> +               .timestamp = 0,
>         };
>
>         return iter;
> @@ -91,11 +95,13 @@ struct codetag *codetag_next_ct(struct codetag_iterator *iter)
>                 if (!cmod)
>                         break;
>
> -               if (cmod != iter->cmod) {
> +               if (!iter->cmod || iter->timestamp != cmod->timestamp) {
>                         iter->cmod = cmod;
> +                       iter->timestamp = cmod->timestamp;
>                         ct = get_first_module_ct(cmod);
> -               } else
> +               } else {
>                         ct = get_next_module_ct(iter);
> +               }
>
>                 if (ct)
>                         break;
> @@ -190,6 +196,8 @@ static int codetag_module_init(struct codetag_type *cttype, struct module *mod)
>         cmod->range = range;
>
>         down_write(&cttype->mod_lock);
> +       cttype->clock++;
> +       cmod->timestamp = cttype->clock;
>         err = idr_alloc(&cttype->mod_idr, cmod, 0, 0, GFP_KERNEL);
>         if (err >= 0) {
>                 cttype->count += range_size(cttype, &range);
> --
> 2.39.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ