From: Nick Piggin <npiggin@suse.de>
To: Skywing <Skywing@valhallalegends.com>
Cc: Len Brown <lenb@kernel.org>,
Christoph Hellwig <hch@infradead.org>,
Alexey Starikovskiy <aystarik@gmail.com>,
Pekka Enberg <penberg@cs.helsinki.fi>,
Linux Memory Management List <linux-mm@kvack.org>,
"linux-acpi@vger.kernel.org" <linux-acpi@vger.kernel.org>
Subject: Re: [patch][rfc] acpi: do not use kmem caches
Date: Mon, 5 Jan 2009 07:55:51 +0100 [thread overview]
Message-ID: <20090105065551.GB5209@wotan.suse.de> (raw)
In-Reply-To: <982D8D05B6407A49AD506E6C3AC8E7D6BFEEA2A60C@caralain.haven.nynaeve.net>
On Sun, Jan 04, 2009 at 11:43:55PM -0600, Skywing wrote:
> -----Original Message-----
> From: linux-acpi-owner@vger.kernel.org [mailto:linux-acpi-owner@vger.kernel.org] On Behalf Of Nick Piggin
> Sent: Sunday, January 04, 2009 11:15 PM
> To: Len Brown
> Cc: Christoph Hellwig; Alexey Starikovskiy; Pekka Enberg; Linux Memory Management List; linux-acpi@vger.kernel.org
> Subject: Re: [patch][rfc] acpi: do not use kmem caches
>
> > > I think they are here to stay. We are running
> > > an interpreter in kernel-space with arbitrary input,
> > > so I think the ability to easily isolate run-time memory leaks
> > > on a non-debug system is important.
> > I don't really see the connection. Or why being an interpreter is so
> > special. Filesystems, network stack, etc run in kernel with arbitrary
> > input. If kmem caches are part of a security strategy, then it's
> > broken... You'd surely have to detect bad input before the interpreter
> > turns it into a memory leak (or recover afterward, in which case it
> > isn't a leak).
>
> I think that the purposes of these was to act as a debugging aid, for example, if there were BIOS-supplied AML that was triggering a leak. The point being here that a network card driver has a much more well-defined set of what can happen than a fully pluggable interpreter for third party code.
It just seems like different shades to me, rather than some completely
different thing. A single network driver, maybe, but consider that untrusted
input influences a very large part of the entire network stack... Or a
filesystem.
Basically, if the data is really untrusted or likely to result in a leak,
then it should be detected and sanitized properly, rather than being allowed
to leak.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2009-01-05 6:55 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-01 8:31 Nick Piggin
2008-12-01 11:18 ` Pekka Enberg
2008-12-01 12:00 ` Nick Piggin
2008-12-01 13:12 ` Alexey Starikovskiy
2008-12-01 13:36 ` Nick Piggin
2008-12-01 14:14 ` Alexey Starikovskiy
2008-12-01 16:32 ` Nick Piggin
2008-12-01 17:18 ` Christoph Hellwig
2008-12-01 17:32 ` Alexey Starikovskiy
2008-12-01 13:37 ` Pekka Enberg
2008-12-01 14:02 ` Alexey Starikovskiy
2008-12-01 16:14 ` Nick Piggin
2008-12-01 16:45 ` Alexey Starikovskiy
2008-12-01 16:58 ` Nick Piggin
2008-12-01 17:20 ` Moore, Robert
2008-12-01 17:30 ` Andi Kleen
2008-12-01 17:32 ` Moore, Robert
2008-12-01 17:20 ` Christoph Hellwig
2008-12-01 17:49 ` Alexey Starikovskiy
2008-12-01 17:53 ` Len Brown
2008-12-01 18:10 ` Nick Piggin
2008-12-31 22:04 ` Len Brown
2009-01-05 4:14 ` Nick Piggin
2009-01-05 5:43 ` Skywing
2009-01-05 6:55 ` Nick Piggin [this message]
2008-12-01 14:32 ` Christoph Lameter
2008-12-01 14:48 ` Alexey Starikovskiy
2008-12-01 16:20 ` Nick Piggin
2008-12-01 17:04 ` Alexey Starikovskiy
2008-12-01 17:12 ` Nick Piggin
2008-12-01 17:25 ` Pekka Enberg
2008-12-01 17:32 ` Pekka Enberg
2008-12-01 17:36 ` Alexey Starikovskiy
2008-12-01 17:48 ` Pekka Enberg
2008-12-01 18:09 ` Christoph Lameter
2008-12-01 17:43 ` Alexey Starikovskiy
2008-12-01 17:31 ` Len Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090105065551.GB5209@wotan.suse.de \
--to=npiggin@suse.de \
--cc=Skywing@valhallalegends.com \
--cc=aystarik@gmail.com \
--cc=hch@infradead.org \
--cc=lenb@kernel.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=penberg@cs.helsinki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox