Module Name:	src
Committed By:	maxv
Date:		Sat Apr 13 08:41:37 UTC 2019

Modified Files:
	src/sys/arch/amd64/conf: GENERIC
	src/sys/conf: files
	src/sys/kern: subr_pool.c
	src/sys/sys: pool.h

Log Message:
Introduce POOL_QUARANTINE, a feature that creates a window during which a
freed buffer cannot be reallocated. This greatly helps detect
use-after-frees, because they are not short-lived anymore.

We maintain a per-pool fifo of 128 buffers. On each pool_put, we do a real
free of the oldest buffer, and insert the new buffer. Before insertion, we
mark the buffer as invalid with KASAN.

On each pool_cache_put, we destruct the object, so it lands in pool_put,
and the quarantine is handled there.

POOL_QUARANTINE can be used in conjunction with KASAN to detect more
use-after-free bugs.

To generate a diff of this commit:
cvs rdiff -u -r1.521 -r1.522 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.1233 -r1.1234 src/sys/conf/files
cvs rdiff -u -r1.248 -r1.249 src/sys/kern/subr_pool.c
cvs rdiff -u -r1.87 -r1.88 src/sys/sys/pool.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
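
A user-space model of the quarantine described in the log message, added here as an example; it is not the NetBSD code from subr_pool.c. The qpool_* names and the 0xA5 poison pattern are assumptions: the poison stands in for KASAN, so a write to a freed buffer is noticed when the buffer leaves the quarantine rather than at the faulting access.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define QUARANTINE_DEPTH 128  /* per-pool FIFO size stated in the log message */
#define POISON 0xA5           /* assumption: byte pattern standing in for KASAN */

struct qpool {                /* hypothetical user-space pool, not struct pool */
    size_t item_size;
    unsigned char *fifo[QUARANTINE_DEPTH];
    size_t head;              /* slot holding the oldest quarantined buffer */
    size_t count;             /* buffers currently quarantined */
};

void qpool_init(struct qpool *p, size_t item_size)
{
    memset(p, 0, sizeof(*p));
    p->item_size = item_size;
}

void *qpool_get(struct qpool *p)
{
    return malloc(p->item_size);
}

/* Returns 1 if the buffer was modified since it was poisoned, else 0. */
static int qpool_tampered(const struct qpool *p, const unsigned char *buf)
{
    for (size_t i = 0; i < p->item_size; i++)
        if (buf[i] != POISON) return 1;
    return 0;
}

/* Free path. Returns -1 while the FIFO is still filling (no real free),
 * otherwise 1 if the evicted buffer was written to after its free, else 0. */
int qpool_put(struct qpool *p, void *buf)
{
    memset(buf, POISON, p->item_size);        /* mark invalid before insertion */
    if (p->count < QUARANTINE_DEPTH) {
        p->fifo[(p->head + p->count) % QUARANTINE_DEPTH] = buf;
        p->count++;
        return -1;
    }
    unsigned char *oldest = p->fifo[p->head];
    int tampered = qpool_tampered(p, oldest);
    free(oldest);                             /* the real free of the oldest */
    p->fifo[p->head] = buf;                   /* newest takes the vacated slot */
    p->head = (p->head + 1) % QUARANTINE_DEPTH;
    return tampered;
}
```

A buffer passed to qpool_put stays out of circulation for the next 128 puts on the same pool, which is the window the log message refers to.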