Yes I had considered it rather apparent I was referring to the page at the virtual address zero, but I've definitely referred to the CoW page used for private anonymous mappings as the "zero page" too, so I understand…
My understanding is that Rust is particularly lacking in the hardware interface area - a feature of incredible importance for kernels. In fact, that is the Kernel's primary function - to serve as an interface between…
The real issue with this error is not the panic of course - it's the fact that during a panic, C doesn't provide a canonical way of unwinding whatever actions have been performed so far. Rust (or even C++) do provide a…
To the contrary, I appreciate azakai's enthusiasm for seeking solutions, and also credit the fact that they came up with exactly the same solution we used to mitigate the issue.
The irony isn't lost on me that the one conceivable hotpath is this exploit technique...
It can be a lot slower too - but it's most dependent on how the kernel handles console logging. Serial consoles slow it down dramatically, which is why it's so much quicker on your typical GUI enabled setup.
Yes, there is now an oops limit, specifically because of this technique - see the conclusion paragraph.
Thankfully this isolated flaw was quite easy to fix. And yes this code isn't likely to be on any hot paths, and code can always stand to have bounds/sanity checks (and it always should). But unfortunately encapsulating…
Yes I had considered it rather apparent I was referring to the page at the virtual address zero, but I've definitely referred to the CoW page used for private anonymous mappings as the "zero page" too, so I understand…
My understanding is that Rust is particularly lacking in the hardware interface area - a feature of incredible importance for kernels. In fact, that is the Kernel's primary function - to serve as an interface between…
The real issue with this error is not the panic of course - it's the fact that during a panic, C doesn't provide a canonical way of unwinding whatever actions have been performed so far. Rust (or even C++) do provide a…
To the contrary, I appreciate azakai's enthusiasm for seeking solutions, and also credit the fact that they came up with exactly the same solution we used to mitigate the issue.
The irony isn't lost on me that the one conceivable hotpath is this exploit technique...
It can be a lot slower too - but it's most dependent on how the kernel handles console logging. Serial consoles slow it down dramatically, which is why it's so much quicker on your typical GUI enabled setup.
Yes, there is now an oops limit, specifically because of this technique - see the conclusion paragraph.
Thankfully this isolated flaw was quite easy to fix. And yes this code isn't likely to be on any hot paths, and code can always stand to have bounds/sanity checks (and it always should). But unfortunately encapsulating…