[PATCH 0/3] linux-next: mm: hardening: Track genalloc allocations
igor.stoppa at gmail.com
Sun Apr 29 02:45:39 UTC 2018
This patchset was created as part of an older version of pmalloc, however
it has value per-se, as it hardens the memory management for the generic
Genalloc does not currently track the size of the allocations it hands out.
Either by mistake, or due to an attack, it is possible that more memory
than what was initially allocated is freed, leaving behind dangling
pointers, ready for an use-after-free attack.
With this patch, genalloc becomes capable of tracking the size of each
allocation it has handed out, when it's time to free it.
It can either verify that the size received, when free is invoked, is
correct, or it can decide autonomously how much memory to free, if the
value received for the size parameter is 0.
These patches are proposed for beign merged into linux-next, to verify
that they do not introduce regressions, by comparing the value received
from the callers of the free function with the internal tracking.
Later on, the "size" parameter can be dropped, and each caller can be
Signed-off-by: Igor Stoppa <igor.stoppa at huawei.com>
Igor Stoppa (3):
genalloc: track beginning of allocations
Add label and license to genalloc.rst
Documentation/core-api/genalloc.rst | 4 +
include/linux/genalloc.h | 112 +++---
init/main.c | 2 +
lib/Kconfig | 15 +
lib/Makefile | 1 +
lib/genalloc.c | 742 ++++++++++++++++++++++++++----------
lib/test_genalloc.c | 410 ++++++++++++++++++++
7 files changed, 1031 insertions(+), 255 deletions(-)
create mode 100644 lib/test_genalloc.c
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive