lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170622132814.GG22510@1wt.eu>
Date:   Thu, 22 Jun 2017 15:28:14 +0200
From:   Willy Tarreau <w@....eu>
To:     Ben Hutchings <ben@...adent.org.uk>
Cc:     Hugh Dickins <hughd@...gle.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Oleg Nesterov <oleg@...hat.com>,
        Michal Hocko <mhocko@...nel.org>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Rik van Riel <riel@...hat.com>,
        Larry Woodman <lwoodman@...hat.com>,
        "Kirill A. Shutemov" <kirill@...temov.name>,
        Tony Luck <tony.luck@...el.com>,
        "James E.J. Bottomley" <jejb@...isc-linux.org>,
        Helge Diller <deller@....de>,
        James Hogan <james.hogan@...tec.com>,
        Laura Abbott <labbott@...hat.com>, Greg KH <greg@...ah.com>,
        security@...nel.org, linux-distros@...openwall.org, qsa@...lys.com,
        stable <stable@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] mm: larger stack guard gap, between vmas

On Thu, Jun 22, 2017 at 03:10:34PM +0200, Willy Tarreau wrote:
> On Thu, Jun 22, 2017 at 01:58:11PM +0100, Ben Hutchings wrote:
> > On Thu, 2017-06-22 at 14:46 +0200, Willy Tarreau wrote:
> > > On Thu, Jun 22, 2017 at 01:30:45PM +0100, Ben Hutchings wrote:
> > > > Here's my attempt at a backport to 3.2.  This is only tested on
> > > > x86_64 and I think I should introduce local variables for
> > > > vma_start_gap() in a few places.  I had to cherry-pick commit
> > > > 09884964335e "mm: do not grow the stack vma just because of an overrun
> > > > on preceding vma" before this one (which was a clean cherry-pick).
> > > 
> > > Ben, I can't apply it on top of 3.2.89 + the patch above, do you have
> > > any other patch in your local branch ? For example the patch tries to
> > > modify a hunk starting at line 183 of arch/arm/mm/mmap.c while the one
> > > I'm having here ends at line 159.
> > 
> > Sorry, yes, I did this on top of the Debian 3.2 branch and that *does*
> > have a patch to arch/arm/mm/mmap.c that I had forgotten about (commit
> > 7dbaa466780a "ARM: 7169/1: topdown mmap support").  I think you can
> > just drop the changes in ARM's arch_get_unmapped_area_topdown().
> 
> Thanks, I've just applied this one and it's building now. I'll run the
> same checks I did for 3.10.

So I tested this with gap.c on an i386 VM running 2G/2G split memory, all
went fine. It properly stopped the stack growth before colliding with anon
pages.

I noticed that you included Hugh's last fix in it (mm: fix new crash in
unmapped_area_topdown). You'll also need Helge's fix bd726c90b ("Allow
stack to grow up to address space limit"), which applies without issues
on top of your patch.

I would have happily tested on an ARM board but I don't seem to have
3.2-compatible ARM boards with 2G of RAM :-/

Willy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ