Message-ID: <20210316115248.GB18822@zn.tnic>
Date: Tue, 16 Mar 2021 12:52:48 +0100
From: Borislav Petkov <bp@...e.de>
To: "Chang S. Bae" <chang.seok.bae@...el.com>
Cc: tglx@...utronix.de, mingo@...nel.org, luto@...nel.org,
x86@...nel.org, len.brown@...el.com, dave.hansen@...el.com,
hjl.tools@...il.com, Dave.Martin@....com, jannh@...gle.com,
mpe@...erman.id.au, carlos@...hat.com, tony.luck@...el.com,
ravi.v.shankar@...el.com, libc-alpha@...rceware.org,
linux-arch@...r.kernel.org, linux-api@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v7 5/6] x86/signal: Detect and prevent an alternate
signal stack overflow
On Mon, Mar 15, 2021 at 11:52:14PM -0700, Chang S. Bae wrote:
> @@ -272,7 +275,8 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs *regs, size_t frame_size,
> * If we are on the alternate signal stack and would overflow it, don't.
> * Return an always-bogus address instead so we will die with SIGSEGV.
> */
> - if (onsigstack && !likely(on_sig_stack(sp)))
> + if (onsigstack && unlikely(sp <= current->sas_ss_sp ||
> + sp - current->sas_ss_sp > current->sas_ss_size))
> return (void __user *)-1L;
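
Review bot: the replacement condition on the two `+` lines open-codes a range check against current->sas_ss_sp and current->sas_ss_size where the removed line called on_sig_stack(sp), and nothing in the hunk or the unchanged comment above it says why the helper is no longer sufficient. Please either extend that comment to explain the difference, or move the comparison into a named helper so the bounds live in one place. The bounds are also asymmetric: `sp <= current->sas_ss_sp` rejects sp equal to the base, while `sp - current->sas_ss_sp > current->sas_ss_size` accepts sp exactly at base + size. If that is intentional, a one-line note saying so would save the next reader from suspecting an off-by-one.
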
So clearly I'm missing something because trying to trigger the test case
in the bugzilla:

https://bugzilla.kernel.org/show_bug.cgi?id=153531

on current tip/master doesn't work. Runs with MY_MINSIGSTKSZ under 2048
fail with:

tst-minsigstksz-2: sigaltstack: Cannot allocate memory

and above 2048 don't overwrite bytes below the stack.

So something else is missing. How did you test this patch?

Thx.

--
Regards/Gruss,
Boris.
SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer, HRB 36809, AG Nürnberg