Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 24 Nov 2015 13:47:42 -0800
From: Kees Cook <keescook@...omium.org>
To: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Cc: PaX Team <pageexec@...email.hu>
Subject: Re: status: PAX_REFCOUNT

On Tue, Nov 24, 2015 at 1:20 PM, Greg KH <gregkh@...uxfoundation.org> wrote:
> On Tue, Nov 24, 2015 at 02:37:41PM -0500, David Windsor wrote:
>> I'm currently in the process of splitting PAX_REFCOUNT.
>>
>> It looks to touch a massive number of files.  Many of the modifications occur
>> in drivers:
>>
>> dave@...ontium:~/src/linux-grsec-4.2$ grep -ril "atomic.*unchecked" | wc -l
>> 402
>> dave@...ontium:~/src/linux-grsec-4.2$ grep -ril "atomic.*unchecked" drivers/ |
>> wc -l
>> 158
>
> Odds are, we can take lots of these existing atomic usages and either
> replace them with a kref, or remove them, as I can't imagine that we
> need that many different atomic variables for things that are not just
> debugging things.

Yeah, I'll be curious to get a look at it in raw extracted form. I
still want to make sure we're whitelisting, though, and not asking
people to learn a new API (unless they do NOT want the protection).

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.