Hi, Here's my current progress on using per-call-site kmalloc caches (instead of KMALLOC_NORMAL), as a defense against the common heap-grooming attacks that construct malicious objects in the same cache as a target object. I'd like to get feedback on the general approach before I continue with it. I've noted in the later patches what additional improvements I'd like to make. The first 3 patches are relatively small infrastructure changes. Thanks! -Kees Kees Cook (5): slab: Introduce kmem_buckets_destroy() codetag: Run module_load hooks for builtin codetags codetag: Introduce codetag_early_walk() alloc_tag: Track fixed vs dynamic sized kmalloc calls slab: Allocate and use per-call-site caches include/linux/alloc_tag.h | 38 +++++++++-- include/linux/codetag.h | 2 + include/linux/slab.h | 17 ++--- lib/alloc_tag.c | 129 +++++++++++++++++++++++++++++++++++--- lib/codetag.c | 21 +++++-- mm/Kconfig | 25 ++++++++ mm/slab_common.c | 18 +++++- mm/slub.c | 31 ++++++++- 8 files changed, 253 insertions(+), 28 deletions(-) -- 2.34.1
