Date: Tue, 18 Aug 2020 00:03:57 +0300 From: Alexander Popov <alex.popov@...ux.com> To: Pavel Machek <pavel@...x.de>, Matthew Wilcox <willy@...radead.org> Cc: Kees Cook <keescook@...omium.org>, Jann Horn <jannh@...gle.com>, Will Deacon <will@...nel.org>, Andrey Ryabinin <aryabinin@...tuozzo.com>, Alexander Potapenko <glider@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>, David Rientjes <rientjes@...gle.com>, Joonsoo Kim <iamjoonsoo.kim@....com>, Andrew Morton <akpm@...ux-foundation.org>, Masahiro Yamada <masahiroy@...nel.org>, Masami Hiramatsu <mhiramat@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Peter Zijlstra <peterz@...radead.org>, Krzysztof Kozlowski <krzk@...nel.org>, Patrick Bellasi <patrick.bellasi@....com>, David Howells <dhowells@...hat.com>, Eric Biederman <ebiederm@...ssion.com>, Johannes Weiner <hannes@...xchg.org>, Laura Abbott <labbott@...hat.com>, Arnd Bergmann <arnd@...db.de>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, kasan-dev@...glegroups.com, linux-mm@...ck.org, kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org, notify@...nel.org, Andrey Konovalov <andreyknvl@...gle.com> Subject: Re: [PATCH RFC 1/2] mm: Extract SLAB_QUARANTINE from KASAN On 16.08.2020 22:59, Pavel Machek wrote: > On Sat 2020-08-15 19:54:55, Matthew Wilcox wrote: >> On Thu, Aug 13, 2020 at 06:19:21PM +0300, Alexander Popov wrote: >>> +config SLAB_QUARANTINE >>> + bool "Enable slab freelist quarantine" >>> + depends on !KASAN && (SLAB || SLUB) >>> + help >>> + Enable slab freelist quarantine to break heap spraying technique >>> + used for exploiting use-after-free vulnerabilities in the kernel >>> + code. If this feature is enabled, freed allocations are stored >>> + in the quarantine and can't be instantly reallocated and >>> + overwritten by the exploit performing heap spraying. >>> + This feature is a part of KASAN functionality. >> >> After this patch, it isn't part of KASAN any more ;-) >> >> The way this is written is a bit too low level. Let's write it in terms >> that people who don't know the guts of the slab allocator or security >> terminology can understand: >> >> Delay reuse of freed slab objects. This makes some security >> exploits harder to execute. It reduces performance slightly >> as objects will be cache cold by the time they are reallocated, >> and it costs a small amount of memory. > > Written this way, it invites questions: > > Does it introduce any new deadlocks in near out-of-memory situations? Linux kernel with enabled KASAN is heavily tested by syzbot. I think Dmitry and Andrey can give good answers to your question. Some time ago I was doing Linux kernel fuzzing with syzkaller on low memory virtual machines (with KASAN and LOCKUP_DETECTOR enabled). I gave less than 1G to each debian stretch VM. I didn't get any special deadlock caused by OOM. Best regards, Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.