lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <74df27ea-ad17-e869-695b-a7e8b042289c@linux-m68k.org>
Date:   Thu, 25 May 2023 12:13:46 +1000 (AEST)
From:   Finn Thain <fthain@...ux-m68k.org>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
cc:     Michael Schmitz <schmitzmic@...il.com>,
        Andreas Schwab <schwab@...ux-m68k.org>, stable@...r.kernel.org,
        linux-m68k@...ts.linux-m68k.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/1] m68k: Move signal frame following exception on
 68020/030

On Mon, 22 May 2023, Geert Uytterhoeven wrote:

> 
> Reviewed-by: Geert Uytterhoeven <geert@...ux-m68k.org>
> i.e. will queue as a fix in the m68k for-v6.4 branch.
> 

Thanks Geert!

> I plan to send this upstream later this week, so any additional
> testing would be appreciated.
> 

If there is a userland program that needs all of its sigaltstack space, 
and cannot accomodate a 256 byte margin, it will be hard to find that 
program. Often these signal stacks are used for handling (would-be) fatal 
signals that may not happen in regression testing.

If we fix the kernel and a failure eventually does show up in a userland 
program, we may be able to patch that program. Looking through Debian's 
codebase, which is easily searchable, I found lots of different ways to 
determine the signal stack size. But it's not clear to me which programs 
calculate it correctly.

Many programs take the architecture's SIGSTKSZ or MINSIGSTKSZ or 
getauxval(AT_MINSIGSTKSZ) or sysconf(_SC_SIGSTKSZ), or some combination, 
and then apply an arbitrary safety factor. Some add a constant or apply a 
lower bound that may reflect the actual requirements of the signal 
handler. Some just use page_size().

https://sources.debian.org/src/rust-generator/0.7.1-1/src/stack/unix.rs/?hl=85#L84
https://sources.debian.org/src/ocaml/4.13.1-4/runtime/signals_nat.c/?hl=293#L289
https://sources.debian.org/src/ruby3.1/3.1.2-7/signal.c/?hl=538#L531
https://sources.debian.org/src/python3.11/3.11.2-6/Modules/faulthandler.c/?hl=1385#L1368
https://sources.debian.org/src/llvm-toolchain-9/1:9.0.1-20/llvm/lib/Support/Unix/Signals.inc/?hl=259#L250
https://sources.debian.org/src/musl/1.2.3-1/src/aio/aio.c/?hl=98#L83
https://sources.debian.org/src/libreoffice/4:7.4.5-2/external/breakpad/SIGSTKSZ.patch/?hl=4#L4
https://sources.debian.org/src/libuv1/1.44.2-1/src/unix/thread.c/?hl=168#L165
https://sources.debian.org/src/stress-ng/0.15.08-1/core-helper.c/?hl=3290#L3276
https://sources.debian.org/src/cysignals/1.11.2+ds-2/src/cysignals/implementation.c/?hl=446#L442
https://sources.debian.org/src/vim/2:9.0.1378-2/src/os_unix.c/?hl=828#L811
https://sources.debian.org/src/m4/1.4.19-3/m4/sigaltstack.m4/?hl=88#L72
https://sources.debian.org/src/varnish/7.1.1-1.1/bin/varnishd/cache/cache_main.c/?hl=342#L330
https://sources.debian.org/src/sfxr-qt/1.5.0+ds-2/debian/patches/catch2-patch/?hl=3223#L3121

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ