From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753042AbdBCXhi (ORCPT ); Fri, 3 Feb 2017 18:37:38 -0500 Received: from mail-it0-f49.google.com ([209.85.214.49]:38071 "EHLO mail-it0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752816AbdBCXhh (ORCPT ); Fri, 3 Feb 2017 18:37:37 -0500 MIME-Version: 1.0 In-Reply-To: <20170203132737.263327330@infradead.org> References: <20170203132558.474916683@infradead.org> <20170203132737.263327330@infradead.org> From: Kees Cook Date: Fri, 3 Feb 2017 15:37:35 -0800 X-Google-Sender-Auth: Pk4aVEvB-SZygJ1WM8Uq9kcUWAI Message-ID: Subject: Re: [PATCH 1/5] refcount_t: A special purpose refcount type To: Peter Zijlstra Cc: "Reshetova, Elena" , Greg KH , Arnd Bergmann , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Will Deacon , David Windsor , David Howells , LKML , "kernel-hardening@lists.openwall.com" Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 3, 2017 at 5:25 AM, Peter Zijlstra wrote: > Provide refcount_t, an atomic_t like primitive built just for > refcounting. > > It provides saturation semantics such that overflow becomes impossible > and thereby 'spurious' use-after-free is avoided. > > Signed-off-by: Peter Zijlstra (Intel) > --- > include/linux/refcount.h | 294 +++++++++++++++++++++++++++++++++++++++++++++++ > lib/Kconfig.debug | 13 ++ > 2 files changed, 307 insertions(+) > > --- /dev/null > +++ b/include/linux/refcount.h > @@ -0,0 +1,294 @@ > [...] > +#if CONFIG_DEBUG_REFCOUNT Oh, and I just hit this too, it should be "#ifdef" ... I didn't notice until after I sent my improvement series. Whoops. :P Yay Friday. -Kees -- Kees Cook Pixel Security From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 Sender: keescook@google.com In-Reply-To: <20170203132737.263327330@infradead.org> References: <20170203132558.474916683@infradead.org> <20170203132737.263327330@infradead.org> From: Kees Cook Date: Fri, 3 Feb 2017 15:37:35 -0800 Message-ID: Content-Type: text/plain; charset=UTF-8 Subject: [kernel-hardening] Re: [PATCH 1/5] refcount_t: A special purpose refcount type To: Peter Zijlstra Cc: "Reshetova, Elena" , Greg KH , Arnd Bergmann , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Will Deacon , David Windsor , David Howells , LKML , "kernel-hardening@lists.openwall.com" List-ID: On Fri, Feb 3, 2017 at 5:25 AM, Peter Zijlstra wrote: > Provide refcount_t, an atomic_t like primitive built just for > refcounting. > > It provides saturation semantics such that overflow becomes impossible > and thereby 'spurious' use-after-free is avoided. > > Signed-off-by: Peter Zijlstra (Intel) > --- > include/linux/refcount.h | 294 +++++++++++++++++++++++++++++++++++++++++++++++ > lib/Kconfig.debug | 13 ++ > 2 files changed, 307 insertions(+) > > --- /dev/null > +++ b/include/linux/refcount.h > @@ -0,0 +1,294 @@ > [...] > +#if CONFIG_DEBUG_REFCOUNT Oh, and I just hit this too, it should be "#ifdef" ... I didn't notice until after I sent my improvement series. Whoops. :P Yay Friday. -Kees -- Kees Cook Pixel Security