Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752035AbdGDMdU (ORCPT ); Tue, 4 Jul 2017 08:33:20 -0400 Received: from mx2.suse.de ([195.135.220.15]:56427 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750838AbdGDMdT (ORCPT ); Tue, 4 Jul 2017 08:33:19 -0400 Date: Tue, 4 Jul 2017 14:33:14 +0200 From: Michal Hocko To: Ben Hutchings Cc: Willy Tarreau , Linus Torvalds , Hugh Dickins , Oleg Nesterov , "Jason A. Donenfeld" , Rik van Riel , Larry Woodman , "Kirill A. Shutemov" , Tony Luck , "James E.J. Bottomley" , Helge Diller , James Hogan , Laura Abbott , Greg KH , "security@kernel.org" , linux-distros@vs.openwall.org, Qualys Security Advisory , LKML , Ximin Luo Subject: Re: [PATCH] mm: larger stack guard gap, between vmas Message-ID: <20170704123314.GO14722@dhcp22.suse.cz> References: <1498042057.2655.8.camel@decadent.org.uk> <1499126133.2707.20.camel@decadent.org.uk> <20170704084122.GC14722@dhcp22.suse.cz> <20170704093538.GF14722@dhcp22.suse.cz> <20170704094728.GB22013@1wt.eu> <20170704104211.GG14722@dhcp22.suse.cz> <20170704113611.GA4732@decadent.org.uk> <20170704115959.GM14722@dhcp22.suse.cz> <1499170862.2707.27.camel@decadent.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1499170862.2707.27.camel@decadent.org.uk> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2412 Lines: 58 On Tue 04-07-17 13:21:02, Ben Hutchings wrote: > On Tue, 2017-07-04 at 14:00 +0200, Michal Hocko wrote: > > On Tue 04-07-17 12:36:11, Ben Hutchings wrote: > > > On Tue, 2017-07-04 at 12:42 +0200, Michal Hocko wrote: > > > > On Tue 04-07-17 11:47:28, Willy Tarreau wrote: > > > > > On Tue, Jul 04, 2017 at 11:35:38AM +0200, Michal Hocko wrote: > > > > > > [...] > > > > > But wouldn't this completely disable the check in case such a guard page > > > > > is installed, and possibly continue to allow the collision when the stack > > > > > allocation is large enough to skip this guard page ? > > > > > > > > Yes and but a PROT_NONE would fault and as the changelog says, we _hope_ > > > > that userspace does the right thing. > > > > > > It may well not be large enough, because of the same wrong assumptions > > > that resulted in the kernel's guard page not being large enough.??We > > > should count it as part of the guard gap but not a substitute. > > > > yes, you are right of course. But isn't this a bug on their side > > considering they are managing their _own_ stack gap? > > Yes it's their bug, but you know the rule - don't break user-space. Absolutely, that is why I belive we should consider the prev VMA but doing anything more just risks for new regressions. Or why do you think that not-checking them would cause a regression? > > Our stack gap > > management is a best effort thing and two such approaches competing will > > always lead to weird cornercases. That was my assumption when saying > > that I am not sure this is really _worth_ it. We should definitely try > > to workaround clashes but that's about it. If others think that we > > should do everything to prevent even those issues I will not oppose > > of course. It just adds more cycles to something that is a weird case > > already. > > I don't want odd behaviour to weaken the stack guard. > > > [...] > > > > > This *doesn't* fix the LibreOffice regression on i386. > > > > Are there any details about this regression? > > Here: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#170 > > I haven't reproduced it in Writer, but if I use Base to create a new > HSQLDB database it reliably crashes (HSQLDB is implemented in Java). I haven't read through previous 169 comments but I do not see any stack trace. Ideally with info proc mapping that would tell us the memory layout. -- Michal Hocko SUSE Labs