Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Nov 2017 22:33:31 +0800
From: zerons <zeronsaxm@...il.com>
To: kernel-hardening@...ts.openwall.com
Subject: a part of SLAB_FREELIST_HARDENED feature doesn't
 work well

(commit-webpage)[https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce6fa91b93630396ca220c33dd38ffc62686d499]

Test it on kernel 4.14.0.

When something goes like
kfree(a);
kfree(a);
then `insmod` crashed 'Segment Fault'

kfree(a);kfree(b);kfree(a);
Got nothing.

I add another kernel thread, just free some objects
very close to the target object_a;
kfree(a);
		another thread does some kfree(...)
kfree(a);
nothing happened, this patch didn't crash the `insmod` operation.

View attachment "test.c" of type "text/x-csrc" (1127 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.