Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932477Ab2BXXPh (ORCPT ); Fri, 24 Feb 2012 18:15:37 -0500 Received: from r00tworld.com ([212.85.137.150]:53456 "EHLO r00tworld.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932404Ab2BXXPg (ORCPT ); Fri, 24 Feb 2012 18:15:36 -0500 From: "PaX Team" To: Greg KH , David Windsor Date: Sat, 25 Feb 2012 00:14:43 +0200 MIME-Version: 1.0 Subject: Re: [kernel-hardening] Re: Add overflow protection to kref Reply-to: pageexec@freemail.hu CC: Roland Dreier , Djalal Harouni , Vasiliy Kulikov , kernel-hardening@lists.openwall.com, Kees Cook , Ubuntu security discussion , linux-kernel@vger.kernel.org, spender@grsecurity.net Message-ID: <4F4819E3.23795.217CF269@pageexec.freemail.hu> In-reply-to: References: , <20120224183726.GB23284@kroah.com>, X-mailer: Pegasus Mail for Windows (4.63) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.12 (r00tworld.com [212.85.137.150]); Sat, 25 Feb 2012 00:14:52 +0100 (CET) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 787 Lines: 22 On 24 Feb 2012 at 14:04, David Windsor wrote: > Suggestions on recovering from an overflow here? do what PaX does? :) 1. saturate the refcount 2. report the event (pax_report_refcount_overflow) 3. kill the triggering userland process (this may be optional but it's a good measure if you have stuff like grsecurity's lockout feature) > 2. Detect the overflow before it happens, don't increment the counter, > issue a warning but no BUG. > This could also lead to some "undefined" behavior in subsystems. it's called a memory leak :). -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/