| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <176467374051.1009192.13862809250568196121.b4-ty@kernel.org>
Date: Tue, 2 Dec 2025 13:09:49 +0200
From: Mike Rapoport <rppt@...nel.org>
To: Andrew Morton <akpm@...ux-foundation.org>,
Joshua Hahn <joshua.hahnjy@...il.com>
Cc: Mike Rapoport <rppt@...nel.org>,
Vlastimil Babka <vbabka@...e.cz>,
SeongJae Park <sj@...nel.org>,
Jonathan Corbet <corbet@....net>,
linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-mm@...ck.org,
kernel-team@...a.com
Subject: Re: [PATCH v3] mm/mm_init: Introduce a boot parameter for check_pages
On Mon, 01 Dec 2025 10:07:38 -0800, Joshua Hahn wrote:
> Use-after-free and double-free bugs can be very difficult to track down.
> The kernel is good at tracking these and preventing bad pages from being
> used/created through simple checks gated behind "check_pages_enabled".
>
> Currently, the only ways to enable this flag is by building with
> CONFIG_DEBUG_VM, or as a side effect of other checks such as
> init_on_{alloc, free}, page_poisoning, or debug_pagealloc among others.
> These solutions are powerful, but may often be too coarse in balancing
> the performance vs. safety that a user may want, particularly in
> latency-sensitive production environments.
>
> [...]
Applied to for-next branch of memblock.git tree, thanks!
[1/1] mm/mm_init: Introduce a boot parameter for check_pages
commit: a29b922955aa2bedde15876707532b982dec183c
tree: https://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock
branch: for-next
--
Sincerely yours,
Mike.
Powered by blists - more mailing lists