From: Pavel Emelyanov <xemul@parallels.com>
To: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Cc: Cyrill Gorcunov <gorcunov@openvz.org>,
	Glauber Costa <glommer@parallels.com>,
	Andi Kleen <andi@firstfloor.org>, Tejun Heo <tj@kernel.org>,
	Matt Helsley <matthltc@us.ibm.com>,
	Pekka Enberg <penberg@kernel.org>,
	Eric Dumazet <eric.dumazet@gmail.com>,
	Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH 1/4] Routine for generating a safe ID for kernel pointer
Date: Thu, 17 Nov 2011 13:56:14 +0400
Message-ID: <4EC4DA3E.5020904@parallels.com>
In-Reply-To: <4EC4DA15.7090106@parallels.com>

The routine XORs the given pointer with a random value, thus producing
an ID (32 or 64 bit, depending on the arch) which can be shown even to
unprivileged user space processes without the risk of leaking kernel
information.

Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

---
 include/linux/mm.h |   13 +++++++++++++
 mm/Kconfig         |    7 +++++++
 mm/util.c          |   28 ++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+), 0 deletions(-)

diff --git a/include/linux/mm.h b/include/linux/mm.h
index 7438071..80ea327 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -1627,5 +1627,18 @@ extern void copy_user_huge_page(struct page *dst, struct page *src,
 				unsigned int pages_per_huge_page);
 #endif /* CONFIG_TRANSPARENT_HUGEPAGE || CONFIG_HUGETLBFS */
 
+enum {
+	GEN_OBJ_ID_TYPES,
+};
+
+#ifdef CONFIG_GENERIC_OBJECT_IDS
+unsigned long gen_object_id(void *ptr, int type);
+#else
+static inline unsigned long gen_object_id(void *ptr, int type)
+{
+	return 0;
+}
+#endif
+
 #endif /* __KERNEL__ */
 #endif /* _LINUX_MM_H */
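
Review bot: The !CONFIG_GENERIC_OBJECT_IDS stub of gen_object_id() returns 0 for every pointer, the same value the real function in mm/util.c returns for NULL, so a caller that compares IDs to decide whether two tasks share an object will see all objects as identical when the option is off. Either document that 0 means "no ID available" and must not be compared, or make the callers depend on the option. The enum also holds only the GEN_OBJ_ID_TYPES sentinel, so its value is 0 here and no valid type exists until a later patch adds entries; a comment above the enum stating that IDs are comparable only within one type, and that new types go before the sentinel, would help. ptr is never dereferenced and could be const void *.
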
diff --git a/mm/Kconfig b/mm/Kconfig
index f2f1ca1..1480cbf 100644
--- a/mm/Kconfig
+++ b/mm/Kconfig
@@ -370,3 +370,10 @@ config CLEANCACHE
 	  in a negligible performance hit.
 
 	  If unsure, say Y to enable cleancache
+
+config GENERIC_OBJECT_IDS
+	bool "Enable generic object ids infrastructure"
+	default n
+	help
+	  Turn on the (quite simple) funtionality that can generate IDs for
+	  kernel objects which is safe to export to the userspace.
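
Review bot: The help text misspells "funtionality" and does not say what makes the IDs safe to export, so someone configuring a kernel cannot judge whether to enable the option. Suggest stating that the IDs are kernel pointers masked with a random value chosen at boot, and naming the interfaces that expose them. The "default n" line is redundant, since n is already the default for a bool with no default line. If the option is only useful together with its users, consider dropping the prompt and having those users select it.
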
diff --git a/mm/util.c b/mm/util.c
index 88ea1bd..1bcde18 100644
--- a/mm/util.c
+++ b/mm/util.c
@@ -4,6 +4,7 @@
 #include <linux/module.h>
 #include <linux/err.h>
 #include <linux/sched.h>
+#include <linux/random.h>
 #include <asm/uaccess.h>
 
 #include "internal.h"
@@ -307,3 +308,30 @@ EXPORT_TRACEPOINT_SYMBOL(kmalloc_node);
 EXPORT_TRACEPOINT_SYMBOL(kmem_cache_alloc_node);
 EXPORT_TRACEPOINT_SYMBOL(kfree);
 EXPORT_TRACEPOINT_SYMBOL(kmem_cache_free);
+
+#ifdef CONFIG_GENERIC_OBJECT_IDS
+static unsigned long ptr_poison[GEN_OBJ_ID_TYPES] __read_mostly;
+
+unsigned long gen_object_id(void *ptr, int type)
+{
+	if (!ptr)
+		return 0;
+
+	BUG_ON(type >= GEN_OBJ_ID_TYPES);
+	WARN_ON_ONCE(ptr_poison[type] == 0);
+
+	return ((unsigned long)ptr) ^ ptr_poison[type];
+}
+
+static int gen_object_poison_init(void)
+{
+	int i;
+
+	for (i = 0; i < GEN_OBJ_ID_TYPES; i++)
+		get_random_bytes(&ptr_poison[i], sizeof(unsigned long));
+
+	return 0;
+}
+
+late_initcall(gen_object_poison_init);
+#endif
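
Review bot: In gen_object_id(), "return ((unsigned long)ptr) ^ ptr_poison[type];" applies one fixed mask per type, so the XOR of any two IDs of the same type equals the XOR of the two kernel pointers; the mask cancels out, and a reader who learns one real address of that type can unmask every other ID. That weakens the "safe to show to unprivileged user space" claim in the changelog; a keyed one-way function over the pointer would avoid the cancellation. Separately, WARN_ON_ONCE(ptr_poison[type] == 0) only warns: a call made before the late_initcall has run still returns the raw pointer, so return 0 in that case instead. BUG_ON(type >= GEN_OBJ_ID_TYPES) does not catch a negative type because type is a signed int; make it unsigned or check the lower bound too. gen_object_poison_init() runs once at boot and should be marked __init.
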
-- 
1.5.5.6
