mirror of
https://abf.rosa.ru/djam/kernel-6.1.git
synced 2025-02-25 08:12:56 +00:00
Revisited the patch for memory sanitization
Based on the patch by Grsecurity: https://grsecurity.net/test/grsecurity-3.1-4.6.5-201607272152.patch
This commit is contained in:
Evgenii Shatokhin
parent
5533da8c64
commit
47fe53318a
1 changed files with 16 additions and 8 deletions
|
|
@ -1,5 +1,5 @@
|
|||
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
|
||||
index 0b3de80..2125a49 100644
|
||||
index 0b3de80..2167ea0 100644
|
||||
--- a/Documentation/kernel-parameters.txt
|
||||
+++ b/Documentation/kernel-parameters.txt
|
||||
@@ -2818,6 +2818,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
|
||||
|
|
@ -222,25 +222,33 @@ index 5ec1580..385cdbc 100644
|
|||
/* This slob page is about to become partially free. Easy! */
|
||||
sp->units = units;
|
||||
diff --git a/mm/slub.c b/mm/slub.c
|
||||
index 4dbb109e..aba52e1 100644
|
||||
index 4dbb109e..da2dc67 100644
|
||||
--- a/mm/slub.c
|
||||
+++ b/mm/slub.c
|
||||
@@ -2778,6 +2778,14 @@ static __always_inline void slab_free(struct kmem_cache *s, struct page *page,
|
||||
@@ -2778,6 +2778,22 @@ static __always_inline void slab_free(struct kmem_cache *s, struct page *page,
|
||||
|
||||
slab_free_freelist_hook(s, head, tail);
|
||||
|
||||
+#ifdef CONFIG_PAX_MEMORY_SANITIZE
|
||||
+ if (pax_sanitize_slab && !(s->flags & SLAB_NO_SANITIZE)) {
|
||||
+ memset(x, PAX_MEMORY_SANITIZE_VALUE, s->object_size);
|
||||
+ if (s->ctor)
|
||||
+ s->ctor(x);
|
||||
+ int offset = s->offset ? 0 : sizeof(void *);
|
||||
+ void *x = head;
|
||||
+
|
||||
+ while (1) {
|
||||
+ memset(x + offset, PAX_MEMORY_SANITIZE_VALUE, s->object_size - offset);
|
||||
+ if (s->ctor)
|
||||
+ s->ctor(x);
|
||||
+ if (x == tail_obj)
|
||||
+ break;
|
||||
+ x = get_freepointer(s, x);
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
redo:
|
||||
/*
|
||||
* Determine the currently cpus per cpu slab.
|
||||
@@ -3291,6 +3299,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order)
|
||||
@@ -3291,6 +3307,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order)
|
||||
s->inuse = size;
|
||||
|
||||
if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) ||
|
||||
|
|
@ -272,7 +280,7 @@ index 59bf4d7..69f08cd 100644
|
|||
}
|
||||
|
||||
diff --git a/security/Kconfig b/security/Kconfig
|
||||
index e452378..0847880 100644
|
||||
index e452378..a7ca1d9 100644
|
||||
--- a/security/Kconfig
|
||||
+++ b/security/Kconfig
|
||||
@@ -6,6 +6,37 @@ menu "Security options"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue