Subject: Re: [PATCH] mm: larger stack guard gap, between vmas
From: Ben Hutchings
To: Michal Hocko
Cc: Willy Tarreau, Linus Torvalds, Hugh Dickins, Oleg Nesterov, "Jason A. Donenfeld", Rik van Riel, Larry Woodman, "Kirill A. Shutemov", Tony Luck, "James E.J. Bottomley", Helge Diller, James Hogan, Laura Abbott, Greg KH, "security@kernel.org", linux-distros@vs.openwall.org, Qualys Security Advisory, LKML, Ximin Luo
Date: Tue, 04 Jul 2017 13:21:02 +0100
Message-ID: <1499170862.2707.27.camel@decadent.org.uk>

On Tue, 2017-07-04 at 14:00 +0200, Michal Hocko wrote:
> On Tue 04-07-17 12:36:11, Ben Hutchings wrote:
> > On Tue, 2017-07-04 at 12:42 +0200, Michal Hocko wrote:
> > > On Tue 04-07-17 11:47:28, Willy Tarreau wrote:
> > > > On Tue, Jul 04, 2017 at 11:35:38AM +0200, Michal Hocko wrote:
> >
> > [...]
> > > > But wouldn't this completely disable the check in case such a guard page
> > > > is installed, and possibly continue to allow the collision when the stack
> > > > allocation is large enough to skip this guard page ?
> > >
> > > Yes and but a PROT_NONE would fault and as the changelog says, we _hope_
> > > that userspace does the right thing.
> >
> > It may well not be large enough, because of the same wrong assumptions
> > that resulted in the kernel's guard page not being large enough.  We
> > should count it as part of the guard gap but not a substitute.
>
> yes, you are right of course. But isn't this a bug on their side
> considering they are managing their _own_ stack gap?

Yes it's their bug, but you know the rule - don't break user-space.

> Our stack gap
> management is a best effort thing and two such approaches competing will
> always lead to weird cornercases. That was my assumption when saying
> that I am not sure this is really _worth_ it. We should definitely try
> to workaround clashes but that's about it. If others think that we
> should do everything to prevent even those issues I will not oppose
> of course. It just adds more cycles to something that is a weird case
> already.

I don't want odd behaviour to weaken the stack guard.

> [...]
>
> > This *doesn't* fix the LibreOffice regression on i386.
>
> Are there any details about this regression?

Here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#170

I haven't reproduced it in Writer, but if I use Base to create a new
HSQLDB database it reliably crashes (HSQLDB is implemented in Java).

Ben.

-- 
Ben Hutchings
The world is coming to an end.  Please log off.
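Added example, not part of the email or of the kernel patch under discussion: a small Python audit of a /proc/<pid>/maps snapshot that measures the gap below the stack the way the reply argues for, counting a userspace PROT_NONE guard mapping as part of the gap rather than as a substitute for it. The 4 KiB page size, the 1 MiB required gap, the function names and both sample layouts are assumptions constructed for illustration.

```python
import re

PAGE = 4096                 # assumption: 4 KiB pages
REQUIRED_GAP = 256 * PAGE   # assumption: 1 MiB gap; the email does not give a size

VMA = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) \S+ \S+ \S+\s*(.*)$")

def parse_maps(text):
    """Parse /proc/<pid>/maps text into (start, end, perms, name), sorted by address."""
    vmas = []
    for line in text.strip().splitlines():
        m = VMA.match(line.strip())
        if m:
            vmas.append((int(m[1], 16), int(m[2], 16), m[3], m[4]))
    return sorted(vmas)

def stack_gap(vmas, name="[stack]"):
    """Bytes between the stack's low end and the nearest accessible mapping below it.

    Inaccessible (---) mappings are skipped, so a userspace guard page adds to
    the gap but never ends the measurement on its own.
    """
    idx = next(i for i, v in enumerate(vmas) if v[3] == name)
    stack_low = vmas[idx][0]
    for start, end, perms, _ in reversed(vmas[:idx]):
        if perms[:3] != "---":
            return stack_low - end
    return stack_low  # nothing accessible below the stack

def gap_is_sufficient(maps_text):
    return stack_gap(parse_maps(maps_text)) >= REQUIRED_GAP

# Constructed sample: one PROT_NONE guard page directly between a data mapping and the stack.
TIGHT = """
7ffcffe00000-7ffcfffff000 rw-p 00000000 00:00 0
7ffcfffff000-7ffd00000000 ---p 00000000 00:00 0
7ffd00000000-7ffd00021000 rw-p 00000000 00:00 0                          [stack]
"""
# Constructed sample: same guard page, but the data mapping ends 2 MiB below the stack.
ROOMY = """
7ffcffc00000-7ffcffe00000 rw-p 00000000 00:00 0
7ffcfffff000-7ffd00000000 ---p 00000000 00:00 0
7ffd00000000-7ffd00021000 rw-p 00000000 00:00 0                          [stack]
"""

if __name__ == "__main__":
    for label, text in (("tight", TIGHT), ("roomy", ROOMY)):
        print(label, stack_gap(parse_maps(text)), gap_is_sufficient(text))
```

In the first layout the guard page exists but the measured gap is a single page, so a check that accepted any PROT_NONE mapping as sufficient would pass a layout that this measurement rejects.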