See also this recent (Nov 2022) LWN article regarding the new oops limit: https://lwn.net/Articles/914878/
IIUC steps 5-7 in the exploit cause around 2^32 oopses. I don't know much about the Linux kernel - could it perhaps have a limit on the number of oopses before it halts the entire system?

The article explains why it is important to not do that in general, as an oops allows debugging and recovery etc. But 2^32 of them seems suspicious.
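A defender-side check, added here as an illustration and not taken from the article or from any commenter: it parses the `Oops: ... [#N]` die counter that the kernel prints with each oops from constructed dmesg lines, flags a burst of oopses in a short window, and reports how far the count is from `kernel.oops_limit` (the sysctl the LWN article covers, Linux 6.2+, default 10000). The log lines, process name, window and threshold are all constructed for the example.

```python
import re
from collections import Counter

# Constructed sample of kernel log lines (not from the original post): the same
# NULL-pointer-dereference oops repeating, with the die counter in "[#N]".
SAMPLE_DMESG = """\
[  120.001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  120.002] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  120.003] CPU: 2 PID: 4242 Comm: testprog Not tainted 6.1.0 #1
[  120.101] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  120.102] Oops: 0000 [#2] PREEMPT SMP NOPTI
[  120.103] CPU: 2 PID: 4243 Comm: testprog Not tainted 6.1.0 #1
[  120.201] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  120.202] Oops: 0000 [#3] PREEMPT SMP NOPTI
[  120.203] CPU: 2 PID: 4244 Comm: testprog Not tainted 6.1.0 #1
"""

OOPS_RE = re.compile(r"^\[\s*(?P<ts>[\d.]+)\]\s+Oops:\s+\w+\s+\[#(?P<n>\d+)\]")
COMM_RE = re.compile(r"^\[\s*[\d.]+\]\s+CPU:\s+\d+\s+PID:\s+\d+\s+Comm:\s+(?P<comm>\S+)")

def parse_oopses(log):
    """Return (timestamp, die_counter, comm) per oops; the 'CPU: ... Comm:'
    line follows the 'Oops:' header, so the two are paired in order."""
    events, pending = [], None
    for line in log.splitlines():
        m = OOPS_RE.match(line)
        if m:
            pending = (float(m["ts"]), int(m["n"]))
            continue
        m = COMM_RE.match(line)
        if m and pending is not None:
            events.append((pending[0], pending[1], m["comm"]))
            pending = None
    return events

def oops_rate_alert(events, window_s, threshold):
    """Flag when more than `threshold` oopses fall in any window_s seconds.
    Returns (alerted, max_count_in_window, per-process counts)."""
    times = sorted(t for t, _, _ in events)
    best = lo = 0
    for hi, t in enumerate(times):
        while t - times[lo] > window_s:   # slide the window's left edge
            lo += 1
        best = max(best, hi - lo + 1)
    return best > threshold, best, Counter(c for _, _, c in events)

def distance_to_oops_limit(events, oops_limit=10000):
    """Oopses remaining before kernel.oops_limit (default 10000) panics the
    box, based on the highest die counter seen in the log."""
    highest = max((n for _, n, _ in events), default=0)
    return max(oops_limit - highest, 0)
```

On a live system the same functions can be fed the output of `dmesg` or the journal, and the current limit read from `/proc/sys/kernel/oops_limit` where the kernel provides it.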
When they say "map the zero page" in the article, it appears they are talking about the page with index zero, not the page with all zeros in it. Does anyone know if this is correct?
I'm really curious why there aren't more enterprise-grade, production ready kernels at this point. Isn't Rust nearing maturity? Doesn't the community have tonnes of enterprise ready C code that could be used as a reference (i.e. Linux, BSD) of "what not to do"?

I'm not trying to start an argument here, I think the world knows that C/C++ make it way too easy to shoot ourselves in the foot by now. I know that writing operating systems is hard and takes a long time, I've written my own prototype single and multitasking operating systems for x86_32, 68k, Z80, 6502 etc. I'm aware that Rust support has been added to recent Linux kernels, for the limited use case of writing secure device drivers. None of these things are news to me, so please don't regurgitate these points.

But given the great body of reference that is available, the enthusiasm in the Rust community for the promise of more secure operating system kernels, I'm genuinely surprised that things aren't further along. Yes I'm aware of Redox, but it seems more aimed at desktop use, and last time I tried it didn't even boot.

Projects in C/C++ seem to be making much faster progress e.g. SerenityOS than the Rust community. What is holding Rust back in this area? This is a genuine question, not intending to inflame the discussion. I'm spending some time learning Rust as I can afford, but am not opinionated one way or the other yet.

Where are all the Linux replacements that I would have imagined to be up and running by now given Rust's maturity? What am I missing here? Happy to be genuinely informed.

I kind of expected there to be a bunch of projects in flight by now, à la bazaar style, with the Rust community starting to conglomerate around the strongest contenders and move them forward at a rapid pace.
The article is about the exploitability of the flaw but really the flaw should not exist. Printing /proc/$pid/smaps is not on any conceivable performance-critical hot path. It can stand to have bounds checks and safety. The call to print out smaps should be well-encapsulated in some non-C language.