oss-sec mailing list archives

Re: Linux kernel pointer poisoning (was: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam)

From: Vasily Kulikov <segoon () openwall com>
Date: Thu, 7 May 2015 12:37:51 +0300

On Thu, May 07, 2015 at 12:36 +0300, Vasily Kulikov wrote:

b) how to check for an insane POISON_POINTER() arg in case of
TIMER_ENTRY_STATIC (and such)?  The current implementation of
POISON_POINTER() fails as following:

mm/page_alloc.c: In function 'free_pages_prepare':
mm/page_alloc.c:840:23: error: call to '__compiletime_assert_840' declared with attribute error: BUILD_BUG_ON failed: 
0x0111400 >= POISON_AREA_SIZE


Sorry, I've copied a wrong error message.  The right one is as
following:

kernel/irq/spurious.c:23:8: error: braced-group within expression allowed only inside a function

-- 
Vasily Kulikov
http://www.openwall.com - bringing security into open computing environments

Current thread:

CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Wen Xu (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Solar Designer (May 02)
  - Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Wen Xu (May 02)
    - Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Solar Designer (May 02)
  - Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Vasily Kulikov (May 06)
  - Linux kernel pointer poisoning (was: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam) Vasily Kulikov (May 07)
    - Re: Linux kernel pointer poisoning (was: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam) Vasily Kulikov (May 07)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam cve-assign (May 02)