Why do we need atomic_set_unchecked

Discuss and suggest new grsecurity features

Why do we need atomic_set_unchecked

Postby johnspaul92 » Mon May 27, 2013 4:19 am

When i tried to apply the GrSecurity patch on linux kernel 3.10 and there the patch actually modifies atomic_set to atomic_set_unchecked. When i checked the gcc patch to compile this code it just redefines atomic_set as atomic_set_unchecked. So what is the use of changing the function name.?? Am I missing something here(i.e have they given a new definition for this function anywhere else). And i would also like to know what this function(atomic_set_unchecked. I know about the atomic_set function) is used for.
johnspaul92
 
Posts: 6
Joined: Mon May 27, 2013 4:17 am

Re: Why do we need atomic_set_unchecked

Postby PaX Team » Tue May 28, 2013 3:38 pm

PaX has a feature called REFCOUNT that protects against refcount overflows at runtime. this feature is based on the observation that most refcounts in the kernel use the atomic types and corresponding accessors so we instrument them for signed overflow detection. now it so happens that some of the atomic type users in the kernel are not actual refcounts and can legitimately overflow (or at least overflowing them has no immediate security impact) so we have to special case them, this is done by the *_unchecked types and accessors which omit the instrumentation to detect overflow. as for supporting 3.10, we'll move to it when it gets released, our current latest supported version is 3.9.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity development