Re: [PATCH v2 0/5] bug: Provide toggle for BUG on data corruption

From: Kees Cook
Date: Wed Aug 17 2016 - 17:11:41 EST


On Wed, Aug 17, 2016 at 1:17 PM, Stephen Boyd <sboyd@xxxxxxxxxxxxxx> wrote:
> On 08/16, Kees Cook wrote:
>> This adds a CONFIG to trigger BUG()s when the kernel encounters
>> unexpected data structure integrity as currently detected with
>> CONFIG_DEBUG_LIST.
>>
>> Specifically list operations have been a target for widening flaws to gain
>> "write anywhere" primitives for attackers, so this also consolidates the
>> debug checking to avoid code and check duplication (e.g. RCU list debug
>> was missing a check that got added to regular list debug). It also stops
>> manipulations when corruption is detected, since worsening the corruption
>> makes no sense. (Really, everyone should build with CONFIG_DEBUG_LIST
>> since the checks are so inexpensive.)
>>
>> This is mostly a refactoring of similar code from PaX and Grsecurity,
>> along with MSM kernel changes by Stephen Boyd.
>
> Which commit in the MSM kernel from me? I wonder if perhaps
> you're thinking of a patch from Syed Rameez Mustafa like commit
> 1c014f321e6d67f47 in the msm-3.4 kernel.

Ooof. I can't read. Yes, you were the committer, not the author! Whoops!

https://android.googlesource.com/kernel/msm/+/7b49b86d3aa3d0c6400454a346bad1bbdf0cc78f%5E%21/#F0

I will adjust the changelog. Thanks!

-Kees

--
Kees Cook
Nexus Security
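
The cover letter quoted above says the list debug checks stop manipulations once corruption is detected. The following userspace sketch is an added example, not code from this patch series or from the kernel tree; the names checked_list_add, checked_list_del and demo are hypothetical, and the corrupted pointer is constructed for the demonstration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model of a circular doubly linked list (illustrative names). */
struct list_head { struct list_head *next, *prev; };

static void list_init(struct list_head *h) { h->next = h->prev = h; }

/* Insert item right after head, but only if head and its successor agree. */
static bool checked_list_add(struct list_head *item, struct list_head *head)
{
    struct list_head *prev = head, *next = head->next;

    if (next->prev != prev || prev->next != next ||
        item == prev || item == next) {
        fprintf(stderr, "list add: corruption detected, list left untouched\n");
        return false;
    }
    next->prev = item; item->next = next;
    item->prev = prev; prev->next = item;
    return true;
}

/* An unchecked unlink writes through entry->prev and entry->next, so a
 * corrupted entry turns the unlink into a write to wherever they point.
 * Here both neighbours must point back at entry before anything is written. */
static bool checked_list_del(struct list_head *entry)
{
    struct list_head *prev = entry->prev, *next = entry->next;

    if (!prev || !next || prev->next != entry || next->prev != entry) {
        fprintf(stderr, "list del: corruption detected, list left untouched\n");
        return false;
    }
    next->prev = prev; prev->next = next;
    entry->next = entry->prev = NULL;   /* mark as unlinked */
    return true;
}

/* Constructed scenario: b.next is overwritten to point at an unrelated
 * object. Returns 1 if the delete was refused, plus 2 if victim is intact. */
static int demo(void)
{
    struct list_head head, a, b, victim;

    list_init(&head); list_init(&victim);
    checked_list_add(&a, &head);
    checked_list_add(&b, &head);        /* head -> b -> a -> head */
    b.next = &victim;                   /* simulated corruption */
    bool refused = !checked_list_del(&b);
    bool intact = victim.prev == &victim && victim.next == &victim;
    return (refused ? 1 : 0) + (intact ? 2 : 0);
}

int main(void) { printf("demo() = %d\n", demo()); return 0; }
```

Without the check in checked_list_del, the unlink would have stored &head into victim.prev, which is the kind of widened write the cover letter refers to.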