Message-ID: <39e6f6c70702271424x401c9b5an627e1f926513e1e4@mail.gmail.com>
Date: Tue, 27 Feb 2007 19:24:12 -0300
From: "Arnaldo Carvalho de Melo" <arnaldo.melo@...il.com>
To: "David Miller" <davem@...emloft.net>
Cc: johnpol@....mipt.ru, paul.moore@...com, kaber@...sh.net,
netdev@...r.kernel.org
Subject: Re: [NET]: Fix kfree(skb)
On 2/27/07, David Miller <davem@...emloft.net> wrote:
> From: Evgeniy Polyakov <johnpol@....mipt.ru>
> Date: Tue, 27 Feb 2007 21:20:01 +0300
>
> > On Tue, Feb 27, 2007 at 09:14:25PM +0300, Evgeniy Polyakov (johnpol@....mipt.ru) wrote:
> > > On Tue, Feb 27, 2007 at 10:00:52AM -0800, David Miller (davem@...emloft.net) wrote:
> > > > It's unfortunately an easy mistake to make since kfree() accepts any
> > > > pointer type without warning.
> > > >
> > > > What would be really nice is if someone could come up with a way for
> > > > kfree() to disallow being passed objects that are meant to be released
> > > > via some other mechanism. So that, for example:
> > > >
> > > > kfree(skb);
> > > >
> > > > would warn or fail to compile, but the kfree_skb() code could go:
> > > >
> > > > kmem_cache_free_I_KNOW_WHAT_I_AM_DOING(skbuff_head_cache, skb);
> > > >
> > > > :-)
> > >
> > > Something like that? (not tested, will do if starting point looks
> > > correct - it checks if requested to be freed size is equal to one of the
> > > kmalloc() size, and warns if kmalloc cache is not that one where
> > > we are going to free an object):
> > >
> > > diff --git a/mm/slab.c b/mm/slab.c
> > > index c610062..bcb29df 100644
> > > --- a/mm/slab.c
> > > +++ b/mm/slab.c
> > > @@ -3757,6 +3757,15 @@ void kfree(const void *objp)
> > > local_irq_save(flags);
> > > kfree_debugcheck(objp);
> > > c = virt_to_cache(objp);
> > > +
> > > + {
> > > + int size = kmem_cache_size(c);
> > > + struct cache_sizes *csizep = malloc_sizes;
> > > + while (size != csizep->cs_size)
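Review bot: the `while (size != csizep->cs_size)` loop exits only on a size match, so when kfree() is handed an object from a cache whose size equals no malloc_sizes entry (the kfree(skb) case this check is meant to catch) the walk runs past the end of the table. Bound the loop on the end of malloc_sizes and treat reaching the end as the warning condition. The block also sits inside the local_irq_save() section of every kfree() call, so it is better placed under the slab debug option than in the unconditional path.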
> >
> > that needs a check for csizep != NULL too obviously.
> > Proof of concept, what do you expect? :)
>
> It's a great run-time check, for sure, and definitely something
> that we should add when SLAB_DEBUG is enabled.
>
> A compile-time check would be "really neat" :-)
I guess this is something up for sparse annotations, like what is done
with __user, etc.
- Arnaldo