From: tixy@yxit.co.uk (Tixy)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] ARM: poison initmem when it is freed
Date: Wed, 06 Jul 2011 10:08:20 +0100 [thread overview]
Message-ID: <1309943300.2279.9.camel@computer2> (raw)
In-Reply-To: <alpine.LFD.2.00.1107051540550.14596@xanadu.home>
On Tue, 2011-07-05 at 15:48 -0400, Nicolas Pitre wrote:
> On Tue, 5 Jul 2011, Russell King - ARM Linux wrote:
> > Have you tried to find a byte-based poison value which would fault
> > yet still cause a pointer dereference? You're limited to 0xeN on
> > ARM, of which there's almost nothing to chose from:
> >
> > 0: e0e0e0e0 rsc lr, r0, r0, ror #1
> > 4: e1e1e1e1 mvn lr, r1, ror #3
> > 8: e2e2e2e2 rsc lr, r2, #536870926 ; 0x2000000e
> > c: e3e3e3e3 mvn lr, #-1946157053 ; 0x8c000003
> > 10: e4e4e4e4 strbt lr, [r4], #1252
> > 14: e5e5e5e5 strb lr, [r5, #1509]!
> > 18: e6e6e6e6 strbt lr, [r6], r6, ror #13
> > 1c: e7e7e7e7 strb lr, [r7, r7, ror #15]!
> > 20: e8e8e8e8 stmia r8!, {r3, r5, r6, r7, fp, sp, lr, pc}^
> > 24: e9e9e9e9 stmib r9!, {r0, r3, r5, r6, r7, r8, fp, sp, lr, pc}^
> > 28: eaeaeaea b 0xffababd8
> > 2c: ebebebeb bl 0xffafafe0
> > 30: ecececec stcl 12, cr14, [ip], #944
> > 34: edededed stcl 13, cr14, [sp, #948]!
> > 38: eeeeeeee cdp 14, 14, cr14, cr14, cr14, {7}
> > 3c: efefefef svc 0x00efefef
> >
> > 0xefefefef looks to be about the best alternative.
>
> Right. Does it have to be a byte? Having a word (or half-word if
> Thumb2) would be much more convenient.
For Thumb, 0xde?? is Permanently UNDEFINED, so we could have 0xdede for
a single byte pattern or an even more descriptive 0xdead if we don't
have that restriction.
--
Tixy
next prev parent reply other threads:[~2011-07-06 9:08 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-05 18:42 [PATCH] ARM: poison initmem when it is freed Russell King - ARM Linux
2011-07-05 19:17 ` Nicolas Pitre
2011-07-05 19:26 ` Russell King - ARM Linux
2011-07-05 19:48 ` Nicolas Pitre
2011-07-05 23:34 ` Stephen Boyd
2011-07-06 20:34 ` Russell King - ARM Linux
2011-07-06 20:55 ` Stephen Boyd
2011-07-06 21:01 ` Russell King - ARM Linux
2011-07-06 21:45 ` Tim Bird
2011-07-07 16:47 ` [PATCHv2] arm: mm: Poison freed init memory Stephen Boyd
2011-07-07 16:47 ` Stephen Boyd
2011-07-07 17:36 ` Russell King - ARM Linux
2011-07-07 17:36 ` Russell King - ARM Linux
2011-07-07 17:44 ` Stephen Boyd
2011-07-07 17:44 ` Stephen Boyd
2011-07-07 17:41 ` Nicolas Pitre
2011-07-07 17:41 ` Nicolas Pitre
2011-07-06 9:08 ` Tixy [this message]
2011-07-06 20:35 ` [PATCH] ARM: poison initmem when it is freed Russell King - ARM Linux
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1309943300.2279.9.camel@computer2 \
--to=tixy@yxit.co.uk \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.