| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Oct 2021 22:31:46 +0800
From: sxwjean@...com
To: linux-mm@...ck.org, x86@...nel.org
Cc: Xiongwei Song <sxwjean@...il.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Kees Cook <keescook@...omium.org>,
"H. Peter Anvin" <hpa@...or.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>,
Al Viro <viro@...iv.linux.org.uk>,
Gabriel Krisman Bertazi <krisman@...labora.com>,
Lai Jiangshan <laijs@...ux.alibaba.com>,
Huang Rui <ray.huang@....com>,
Yazen Ghannam <yazen.ghannam@....com>,
Kim Phillips <kim.phillips@....com>,
Oleg Nesterov <oleg@...hat.com>,
Balbir Singh <sblbir@...zon.com>,
"David S. Miller" <davem@...emloft.net>, sxwjean@...com,
linux-kernel@...r.kernel.org
Subject: [PATCH v2 2/6] mm/util: Allow to pass a specific task size when getting mmapping base
From: Xiongwei Song <sxwjean@...il.com>
In x86, a 64bit task may invoke a 32 bit syscall, which is in compat
syscall. Then we have to provide 32bit mapping base.
Signed-off-by: Xiongwei Song <sxwjean@...il.com>
---
mm/util.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/mm/util.c b/mm/util.c
index 40b1a8837c0b..38326ef21a3b 100644
--- a/mm/util.c
+++ b/mm/util.c
@@ -385,14 +385,15 @@ static int mmap_is_legacy(struct rlimit *rlim_stack)
#define MIN_GAP (SZ_128M)
#define MAX_GAP (STACK_TOP / 6 * 5)
-static unsigned long mmap_base(unsigned long rnd, struct rlimit *rlim_stack)
+static unsigned long mmap_base(unsigned long rnd, unsigned long task_size,
+ struct rlimit *rlim_stack)
{
unsigned long gap = rlim_stack->rlim_cur;
unsigned long pad = stack_guard_gap;
/* Account for stack randomization if necessary */
if (current->flags & PF_RANDOMIZE)
- pad += (STACK_RND_MASK << PAGE_SHIFT);
+ pad += (in_compat_syscall() ? 0x7ff : STACK_RND_MASK) << PAGE_SHIFT;
/* Values close to RLIM_INFINITY can overflow. */
if (gap + pad > gap)
@@ -403,7 +404,7 @@ static unsigned long mmap_base(unsigned long rnd, struct rlimit *rlim_stack)
else if (gap > MAX_GAP)
gap = MAX_GAP;
- return PAGE_ALIGN(STACK_TOP - gap - rnd);
+ return PAGE_ALIGN(task_size - gap - rnd);
}
void arch_pick_mmap_layout(struct mm_struct *mm, struct rlimit *rlim_stack)
@@ -418,7 +419,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm, struct rlimit *rlim_stack)
mm->mmap_base = mm->mmap_legacy_base;
mm->get_unmapped_area = arch_get_unmapped_area;
} else {
- mm->mmap_base = mmap_base(random_factor, rlim_stack);
+ mm->mmap_base = mmap_base(random_factor, STACK_TOP, rlim_stack);
mm->get_unmapped_area = arch_get_unmapped_area_topdown;
}
}
--
2.30.2
Powered by blists - more mailing lists