| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+55aFz1t2CHY5wpsd2K2Wi9DaY8S_+on4V+XU2cCkxmtBA3oA@mail.gmail.com>
Date: Wed, 5 Jul 2017 12:17:20 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Willy Tarreau <w@....eu>
Cc: Ben Hutchings <ben@...adent.org.uk>,
Michal Hocko <mhocko@...nel.org>,
Hugh Dickins <hughd@...gle.com>,
Oleg Nesterov <oleg@...hat.com>,
"Jason A. Donenfeld" <Jason@...c4.com>,
Rik van Riel <riel@...hat.com>,
Larry Woodman <lwoodman@...hat.com>,
"Kirill A. Shutemov" <kirill@...temov.name>,
Tony Luck <tony.luck@...el.com>,
"James E.J. Bottomley" <jejb@...isc-linux.org>,
Helge Diller <deller@....de>,
James Hogan <james.hogan@...tec.com>,
Laura Abbott <labbott@...hat.com>, Greg KH <greg@...ah.com>,
"security@...nel.org" <security@...nel.org>,
Qualys Security Advisory <qsa@...lys.com>,
LKML <linux-kernel@...r.kernel.org>,
Ximin Luo <infinity0@...ian.org>
Subject: Re: [PATCH] mm: larger stack guard gap, between vmas
On Wed, Jul 5, 2017 at 11:59 AM, Willy Tarreau <w@....eu> wrote:
>
> Don't you think that the option of having a sysctl to relax the check
> per task wouldn't be easier for distros and safer overall ? Ie, emit
> a warning the first time the gap is hit instead of segfaulting, then
> reduce it to something that used to work (4k or 64k, I don't remember)
> and try again ?
It used to be just 4k.
.. and I think that might be a valid way to find these things, but
would it be safer? It basically disables the new stack gap entirely
apart from the warning.
And maybe that's ok and distros prefer that?
Linus
Powered by blists - more mailing lists