Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 16 Feb 2012 21:48:38 -0500
From: David Windsor <dwindsor@...il.com>
To: Kees Cook <keescook@...omium.org>, Greg KH <gregkh@...uxfoundation.org>, 
	pageexec@...email.hu, 
	Ubuntu security discussion <ubuntu-hardened@...ts.ubuntu.com>, spender@...ecurity.net, 
	linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [ubuntu-hardened] Add overflow protection to kref

<snip>

>>
>> I have yet to see a patch, so why are we arguing about this?  :)
>>
>> Again, I don't know of any kref overflows that have ever happened, so
>> trying to "protect" this type of thing, seems odd to me.
>
> Well, I think the issue was to protect counting things (which seems to
> be what PaX was after originally), and that kref seemed like the place
> to put it. I'll let David take it further.
>

Patches are forthcoming that will first introduce overflow protection
to kref.  Once that's in place, I'll move a few refcount users from
atomic_t to kref as a reference for other subsystems; statistics-based
users (and others not requiring overflow protection) can continue
using atomic_t.

As Kees said, we just wanted to introduce the idea and get some
general feedback before beginning.  Thanks.

> Thanks,
>
> -Kees
>
> --
> Kees Cook
> ChromeOS Security



-- 
PGP: 6141 5FFD 11AE 9844 153E  F268 7C98 7268 6B19 6CC9

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.