DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 751DB22B68
MIME-Version: 1.0
In-Reply-To: <20170622143443.GA22690@1wt.eu>
References: <alpine.LSU.2.11.1706190355140.2626@eggly.anvils>
 <20170622123045.GA2694@decadent.org.uk> <20170622124659.GE22510@1wt.eu>
 <1498136291.2655.24.camel@decadent.org.uk> <dfd47818-d0fb-27e7-bfd0-01f7c75934b5@archlinux.org>
 <20170622135927.GA22684@1wt.eu> <1498140840.2655.28.camel@decadent.org.uk> <20170622143443.GA22690@1wt.eu>
From: Andy Lutomirski <luto@kernel.org>
Date: Thu, 22 Jun 2017 20:10:29 -0700
Message-ID: <CALCETrWVwkKqiSCQvwn8uyakSzb7wF5Um3=+cejR3PZV1mnCag@mail.gmail.com>
Subject: Re: [vs-plain] Re: [PATCH] mm: larger stack guard gap, between vmas
To: Willy Tarreau <w@1wt.eu>
Cc: Ben Hutchings <ben@decadent.org.uk>,
        Levente Polyak <anthraxx@archlinux.org>,
        Hugh Dickins <hughd@google.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Oleg Nesterov <oleg@redhat.com>, Michal Hocko <mhocko@kernel.org>,
        "Jason A. Donenfeld" <Jason@zx2c4.com>, Rik van Riel <riel@redhat.com>,
        Larry Woodman <lwoodman@redhat.com>,
        "Kirill A. Shutemov" <kirill@shutemov.name>,
        Tony Luck <tony.luck@intel.com>,
        "James E.J. Bottomley" <jejb@parisc-linux.org>,
        Helge Diller <deller@gmx.de>, James Hogan <james.hogan@imgtec.com>,
        Laura Abbott <labbott@redhat.com>, Greg KH <greg@kroah.com>,
        "security@kernel.org" <security@kernel.org>,
        linux-distros@vs.openwall.org,
        Qualys Security Advisory <qsa@qualys.com>,
        stable <stable@vger.kernel.org>, LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 703
Lines: 19

On Thu, Jun 22, 2017 at 7:34 AM, Willy Tarreau <w@1wt.eu> wrote:
> On Thu, Jun 22, 2017 at 03:14:00PM +0100, Ben Hutchings wrote:
>> On Thu, 2017-06-22 at 15:59 +0200, Willy Tarreau wrote:
>> > but I think Ben is currently looking
>> > for feedback on the validity of his backport which was a difficult
>> > task.
>>
>> Right.
>
> Ben, barring more feedback, I think your should put your patch to your
> stable queue so that Guenter can run his build+boot tests. They managed
> to spot a few issues in my patches and that will make you more confident
> regarding the whole architectures coverage.
>

Has anyone checked how grsecurity deals with this?  I think they have
a large stack guard gap.

--Andy