[ubuntu-hardened] [kernel-hardening] Re: Add overflow protection to kref
roland at purestorage.com
Sat Feb 18 01:44:57 UTC 2012
On Fri, Feb 17, 2012 at 3:39 PM, Djalal Harouni <tixxdz at opendz.org> wrote:
>> 2) what to do with architectures-loosers?
> There is lib/atomic64.c but with a static hashed array of raw_spinlocks.
Even leaving aside performance impact of atomic64_t (and probably
in most cases the performance of kref is not important at all), it is
unfortunate to bloat the size from 4 bytes to 8 bytes.
It seems much better to have some out-of-line code for overflow
checking rather than increasing the size of every data structure
that embeds a kref.
Greg, I'm not sure why you're opposed to adding this checking...
it's pretty clear that buggy error paths that forget to do a put are
pretty common and will continue to be common in new code, and
making them harder to exploit seems pretty sane to me.
What's the downside?
More information about the ubuntu-hardened