| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJuCfpGa2UxLY5Af_R6ZR4q57T0380bAWvwYWv2PzC=0sgCqKQ@mail.gmail.com>
Date: Fri, 9 May 2025 12:25:47 -0700
From: Suren Baghdasaryan <surenb@...gle.com>
To: David Wang <00107082@....com>
Cc: kent.overstreet@...ux.dev, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/2] alloc_tag: add sequence number for module and iterator
On Fri, May 9, 2025 at 10:39 AM David Wang <00107082@....com> wrote:
>
> Codetag iterator use <id,address> pair to guarantee the
> validness. But both id and address can be reused, there is
> theoretical possibility when module inserted right after
> another module removed, kmalloc returns an address same as
> the address kfree by previous module and IDR key reuses
> the key recently removed.
>
> Add a sequence number to codetag_module and code_iterator,
> the sequence number is strickly incremented whenever a module
> is loaded. An iterator is valid if and only if its sequence
> number match codetag_module's.
>
> Signed-off-by: David Wang <00107082@....com>
Acked-by: Suren Baghdasaryan <surenb@...gle.com>
> ---
> include/linux/codetag.h | 1 +
> lib/codetag.c | 17 ++++++++++++++---
> 2 files changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/include/linux/codetag.h b/include/linux/codetag.h
> index d14dbd26b370..90f707c3821f 100644
> --- a/include/linux/codetag.h
> +++ b/include/linux/codetag.h
> @@ -54,6 +54,7 @@ struct codetag_iterator {
> struct codetag_module *cmod;
> unsigned long mod_id;
> struct codetag *ct;
> + unsigned long mod_seq;
> };
>
> #ifdef MODULE
> diff --git a/lib/codetag.c b/lib/codetag.c
> index 42aadd6c1454..496cef7cdad3 100644
> --- a/lib/codetag.c
> +++ b/lib/codetag.c
> @@ -11,8 +11,14 @@ struct codetag_type {
> struct list_head link;
> unsigned int count;
> struct idr mod_idr;
> - struct rw_semaphore mod_lock; /* protects mod_idr */
> + /*
> + * protects mod_idr, next_mod_seq,
> + * iter->mod_seq and cmod->mod_seq
> + */
> + struct rw_semaphore mod_lock;
> struct codetag_type_desc desc;
> + /* generates unique sequence number for module load */
> + unsigned long next_mod_seq;
> };
>
> struct codetag_range {
> @@ -23,6 +29,7 @@ struct codetag_range {
> struct codetag_module {
> struct module *mod;
> struct codetag_range range;
> + unsigned long mod_seq;
> };
>
> static DEFINE_MUTEX(codetag_lock);
> @@ -48,6 +55,7 @@ struct codetag_iterator codetag_get_ct_iter(struct codetag_type *cttype)
> .cmod = NULL,
> .mod_id = 0,
> .ct = NULL,
> + .mod_seq = 0,
> };
>
> return iter;
> @@ -91,11 +99,13 @@ struct codetag *codetag_next_ct(struct codetag_iterator *iter)
> if (!cmod)
> break;
>
> - if (cmod != iter->cmod) {
> + if (!iter->cmod || iter->mod_seq != cmod->mod_seq) {
> iter->cmod = cmod;
> + iter->mod_seq = cmod->mod_seq;
> ct = get_first_module_ct(cmod);
> - } else
> + } else {
> ct = get_next_module_ct(iter);
> + }
>
> if (ct)
> break;
> @@ -190,6 +200,7 @@ static int codetag_module_init(struct codetag_type *cttype, struct module *mod)
> cmod->range = range;
>
> down_write(&cttype->mod_lock);
> + cmod->mod_seq = ++cttype->next_mod_seq;
> err = idr_alloc(&cttype->mod_idr, cmod, 0, 0, GFP_KERNEL);
> if (err >= 0) {
> cttype->count += range_size(cttype, &range);
> --
> 2.39.2
>
Powered by blists - more mailing lists