From: Christopher Lameter <cl@linux.com>
To: Alexander Potapenko <glider@google.com>
Cc: akpm@linux-foundation.org, dvyukov@google.com,
keescook@chromium.org, labbott@redhat.com, linux-mm@kvack.org,
linux-security-module@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: Re: [PATCH 1/3] mm: security: introduce the init_allocations=1 boot option
Date: Fri, 26 Apr 2019 14:14:47 +0000 [thread overview]
Message-ID: <0100016a59ffa618-56d49996-ecb0-481c-88c3-380495651623-000000@email.amazonses.com> (raw)
In-Reply-To: <20190418154208.131118-2-glider@google.com>
On Thu, 18 Apr 2019, Alexander Potapenko wrote:
> This option adds the possibility to initialize newly allocated pages and
> heap objects with zeroes. This is needed to prevent possible information
> leaks and make the control-flow bugs that depend on uninitialized values
> more deterministic.
>
> Initialization is done at allocation time at the places where checks for
> __GFP_ZERO are performed. We don't initialize slab caches with
> constructors to preserve their semantics. To reduce runtime costs of
> checking cachep->ctor we replace a call to memset with a call to
> cachep->poison_fn, which is only executed if the memory block needs to
> be initialized.
Just check for a ctor and then zero or use whatever pattern ? Why add a
new function?
next prev parent reply other threads:[~2019-04-26 14:14 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-18 15:42 [PATCH 0/3] RFC: add init_allocations=1 boot option Alexander Potapenko
2019-04-18 15:42 ` [PATCH 1/3] mm: security: introduce the " Alexander Potapenko
2019-04-18 16:35 ` Dave Hansen
2019-04-18 16:43 ` Alexander Potapenko
2019-04-18 16:50 ` Alexander Potapenko
2019-04-23 8:31 ` Michal Hocko
2019-04-18 22:08 ` Randy Dunlap
2019-04-23 19:00 ` Kees Cook
2019-04-26 12:12 ` Alexander Potapenko
2019-04-23 20:36 ` Dave Hansen
2019-04-26 14:14 ` Christopher Lameter [this message]
[not found] ` <alpine.DEB.2.21.1904260911570.8340@nuc-kabylake>
2019-04-26 15:24 ` Christopher Lameter
2019-04-26 15:48 ` Alexander Potapenko
2019-04-18 15:42 ` [PATCH 2/3] gfp: mm: introduce __GFP_NOINIT Alexander Potapenko
2019-04-18 16:52 ` Dave Hansen
2019-04-23 19:14 ` Kees Cook
2019-04-23 20:40 ` Dave Hansen
2019-04-23 19:11 ` Kees Cook
2019-04-18 15:42 ` [PATCH 3/3] RFC: net: apply __GFP_NOINIT to AF_UNIX sk_buff allocations Alexander Potapenko
2019-04-23 19:17 ` Kees Cook
2019-04-18 15:44 ` [PATCH 0/3] RFC: add init_allocations=1 boot option Alexander Potapenko
2019-04-18 22:07 ` Randy Dunlap
2019-04-23 18:49 ` Kees Cook
2019-04-26 12:39 ` Alexander Potapenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0100016a59ffa618-56d49996-ecb0-481c-88c3-380495651623-000000@email.amazonses.com \
--to=cl@linux.com \
--cc=akpm@linux-foundation.org \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).