Iyo Linux kernel 5.12, iri mukuvandudzwa, inosanganisira kuita kweKFence (Kernel Electric Fence) mashandiro, ayo anotarisa ndangariro kubata, kubata buffer overruns, ndangariro inopinda mushure mekusunungura, uye kumwe kukanganisa kwekirasi yakafanana.
Kuita kwakafanana kwaive kwatovepo mukernel muchimiro cheKASAN kuvaka sarudzo (kernel kero sanitizer, inoshandisa Kero Sanitizer mune yemazuvano gcc uye clang) - zvisinei, yakamisikidzwa kunyanya kushandiswa kwekugadzirisa. Iyo KFence subsystem inosiyana kubva kuKASAN mukumhanya kwayo kukuru, izvo zvinoita kuti zvikwanise kushandisa chimiro ichi kunyangwe pamacores mumasisitimu ekushanda.
Kushandisa pamasisitimu ekugadzira kuchaita kuti zvikwanise kubata zvikanganiso zvendangariro zvisingaonekwe mukumhanya kwebvunzo uye zvinongoonekwa panguva yekuremerwa kwebasa kana panguva yekushanda kwenguva refu (ine yakakura uptime). Pamusoro pezvo, kushandiswa kweKFence pamasisitimu ekugadzira kuchaita kuti zvikwanise kuwedzera zvakanyanya huwandu hwemichina inobatanidzwa mukutarisa kushanda kwekernel nendangariro.
KFence inowana zvishoma-yakazvimiririra kumusoro nekuisa mapeji evarindi mumurwi panguva dzakatarwa. Mushure mekunge nguva yekudzivirira inotevera yapera, KFence, kuburikidza neyakajairwa memory allocation system (SLAB kana SLUB allocator), inowedzera peji rinotevera rekudzivirira kubva kune KFence chinhu dziva, uye inotanga nyowani yenguva counter report. Chinhu chega chega cheKFence chiri mune imwe peji yekurangarira, uye mapeji ekurangarira ari parutivi rworuboshwe nekurudyi miganhu anoumba mapeji evarindi, saizi yaro inosarudzwa zvisina tsarukano.
Nokudaro, mapeji ane zvinhu akaparadzaniswa kubva kune rimwe nerimwe nemapeji ekudzivirira, ayo akagadzirirwa kuti abudise "peji kukanganisa" pane chero kupi zvako. Kuona kunze-kwe-muganho kunonyora mukati memapeji echinhu, pateni-yakavakirwa "nzvimbo dzvuku" inoshandiswa zvakare, iyo inogara ndangariro isingashandiswe nezvinhu, inosara kana saizi yemapeji endangariro yaenderana. —+————+————+————+———————————+—— | xxxxxxxx | O: | xxxxxxxx | :O | xxxxxxxx | | xxxxxxxx | B: | xxxxxxxx | :B | xxxxxxxx | | x GUARD x | J : RED- | x GUARD x | RED- : J | x GUARD x | | xxxxxxxx | E: ZONE | xxxxxxxx | ZONE: E | xxxxxxxx | | xxxxxxxx | C: | xxxxxxxx | :C | xxxxxxxx | | xxxxxxxx | T: | xxxxxxxx | : T | xxxxxxxx | —+————+————+————+———————————+—
Kana kuedza kukaitwa kuti uwane nzvimbo iri kunze kwemiganhu yebhefa, kushanda kunobata peji yekudzivirira, iyo inotungamirira kuchizvarwa che "peji kukanganisa", iyo inobata KFence uye inonyora ruzivo pamusoro pedambudziko rakaonekwa. Nekumisikidza, KFence haivharidzi chikanganiso uye inongoratidza yambiro mugiyo, asi pane "panic_on_warn" yekumisikidza iyo inokutendera iwe kuti uise kernel mukuvhunduka kana kukanganisa kwaonekwa.
Source: opennet.ru