From: Walter Wu <walter-zh.wu@mediatek.com>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: Andrew Morton <akpm@linux-foundation.org>,
John Stultz <john.stultz@linaro.org>,
Stephen Boyd <sboyd@kernel.org>, Marco Elver <elver@google.com>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
"Alexander Potapenko" <glider@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
"Andrey Konovalov" <andreyknvl@google.com>,
Matthias Brugger <matthias.bgg@gmail.com>,
<kasan-dev@googlegroups.com>, <linux-mm@kvack.org>,
<linux-kernel@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>,
wsd_upstream <wsd_upstream@mediatek.com>,
<linux-mediatek@lists.infradead.org>
Subject: Re: [PATCH v4 1/6] timer: kasan: record timer stack
Date: Sun, 27 Sep 2020 01:11:52 +0800 [thread overview]
Message-ID: <1601140312.15228.12.camel@mtksdccf07> (raw)
In-Reply-To: <87wo0htqco.fsf@nanos.tec.linutronix.de>
Hi Thomas,
On Sat, 2020-09-26 at 00:59 +0200, Thomas Gleixner wrote:
> On Fri, Sep 25 2020 at 17:15, Walter Wu wrote:
> > On Fri, 2020-09-25 at 10:55 +0200, Thomas Gleixner wrote:
> >> > We don't want to replace DEBUG_OBJECTS_TIMERS with this patches, only
> >> > hope to use low overhead(compare with DEBUG_OBJECTS_TIMERS) to debug
> >>
> >> KASAN has lower overhead than DEBUG_OBJECTS_TIMERS? Maybe in a different
> >> universe.
> >>
> > I mean KASAN + our patch vs KASAN + DEBUG_OBJECTS_TIMERS. The front one
> > have the information to the original caller and help to debug. It is
> > smaller overhead than the one behind.
>
> For ONE specific problem related to timers and you have still not shown
> a single useful debug output where this information helps to debug
> anything.
>
> > I agree your saying, so that I need to find out a use case to explain to
> > you.
>
> Indeed.
>
First, I think the commit log “Because if the UAF root cause is in timer
init …” needs to be removed, this patch hopes to help programmer gets
timer callback is where is registered. It is useful only if free stack
is called from timer callback, because programmer can see why & where
register this function.
Second, see [1], it should satisfies first point. The free stack is from
timer callback, if we know where register this function, then it should
be useful to solve UAF.
[1]https://lore.kernel.org/linux-usb/000000000000590f6b05a1c05d15@google.com/
Thanks
Walter
> Thanks,
>
> tglx
>
next prev parent reply other threads:[~2020-09-26 17:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-24 4:03 [PATCH v4 1/6] timer: kasan: record timer stack Walter Wu
2020-09-24 21:41 ` Thomas Gleixner
2020-09-25 7:18 ` Walter Wu
2020-09-25 8:55 ` Thomas Gleixner
2020-09-25 9:15 ` Walter Wu
2020-09-25 22:59 ` Thomas Gleixner
2020-09-26 17:11 ` Walter Wu [this message]
2020-09-30 7:18 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1601140312.15228.12.camel@mtksdccf07 \
--to=walter-zh.wu@mediatek.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=aryabinin@virtuozzo.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=john.stultz@linaro.org \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=linux-mm@kvack.org \
--cc=matthias.bgg@gmail.com \
--cc=sboyd@kernel.org \
--cc=tglx@linutronix.de \
--cc=wsd_upstream@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).