Commit cb427706 authored Apr 22, 2021 by Marco Elver Committed by Alexander Potapenko Apr 29, 2021

FROMGIT: kfence: zero guard page after out-of-bounds access

After an out-of-bounds accesses, zero the guard page before re-protecting
in kfence_guarded_free().  On one hand this helps make the failure mode of
subsequent out-of-bounds accesses more deterministic, but could also
prevent certain information leaks.

Link: https://lkml.kernel.org/r/20210312121653.348518-1-elver@google.com


Signed-off-by: Marco Elver <elver@google.com>
Acked-by: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Jann Horn <jannh@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>

Bug: 172317151
Test: build and run on an ARM64 device
(cherry picked from commit 35eaef74e16dcc85b0659db1c7b4a8d83f7a34ef
 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git

 akpm)
Signed-off-by: Alexander Potapenko <glider@google.com>
Change-Id: I2bad112b6cbf457892b1dd1a90b909cd88eee2c6

parent 372e6636

Show whitespace changes

Inline Side-by-side

Please to comment