Date: Thu, 7 May 2015 12:37:51 +0300 From: Vasily Kulikov <segoon@...nwall.com> To: Solar Designer <solar@...nwall.com> Cc: Wen Xu <hotdog3645@...il.com>, oss-security@...ts.openwall.com, kernel-hardening@...ts.openwall.com Subject: Re: Linux kernel pointer poisoning (was: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam) On Thu, May 07, 2015 at 12:36 +0300, Vasily Kulikov wrote: > b) how to check for an insane POISON_POINTER() arg in case of > TIMER_ENTRY_STATIC (and such)? The current implementation of > POISON_POINTER() fails as following: > > mm/page_alloc.c: In function 'free_pages_prepare': > mm/page_alloc.c:840:23: error: call to '__compiletime_assert_840' declared with attribute error: BUILD_BUG_ON failed: 0x0111400 >= POISON_AREA_SIZE Sorry, I've copied a wrong error message. The right one is as following: kernel/irq/spurious.c:23:8: error: braced-group within expression allowed only inside a function -- Vasily Kulikov http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ