Re: [v3] mm: Add SLUB free list pointer obfuscation

From: Kees Cook
Date: Wed Jul 26 2017 - 13:14:07 EST

Next message: Eddie James: "[PATCH v5 6/6] dt-bindings: i2c: Add FSI-attached I2C master dt binding documentation"
Previous message: Eddie James: "[PATCH v5 4/6] drivers/i2c: Add I2C master locking to FSI algorithm"
In reply to: Christopher Lameter: "Re: [v3] mm: Add SLUB free list pointer obfuscation"
Next in thread: Christopher Lameter: "Re: [v3] mm: Add SLUB free list pointer obfuscation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 26, 2017 at 9:55 AM, Christopher Lameter <cl@xxxxxxxxx> wrote:
> On Wed, 26 Jul 2017, Kees Cook wrote:
>
>> >> What happens if, instead of BUG_ON, we do:
>> >>
>> >> if (unlikely(WARN_RATELIMIT(object == fp, "double-free detected"))
>> >> return;
>> >
>> > This may work for the free fastpath but the set_freepointer function is
>> > use in multiple other locations. Maybe just add this to the fastpath
>> > instead of to this fucnction?
>>
>> Do you mean do_slab_free()?
>
> Yes inserting these lines into do_slab_free() would simple ignore the
> double free operation in the fast path and that would be safe.
>
> Although in either case we are adding code to the fastpath...

While I'd like it unconditionally, I think Alexander's proposal was to
put it behind CONFIG_SLAB_FREELIST_HARDENED.

BTW, while I've got your attention, can you Ack the other patch? I
sent a v4 for the pointer obfuscation, which we really need:
https://lkml.org/lkml/2017/7/26/4

Thanks!

-Kees

--
Kees Cook
Pixel Security

Next message: Eddie James: "[PATCH v5 6/6] dt-bindings: i2c: Add FSI-attached I2C master dt binding documentation"
Previous message: Eddie James: "[PATCH v5 4/6] drivers/i2c: Add I2C master locking to FSI algorithm"
In reply to: Christopher Lameter: "Re: [v3] mm: Add SLUB free list pointer obfuscation"
Next in thread: Christopher Lameter: "Re: [v3] mm: Add SLUB free list pointer obfuscation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]