Date: Fri, 26 Jan 2018 23:01:21 +0100 (CET)
From: Jiri Kosina
To: Kees Cook
cc: Andrew Morton, Andy Lutomirski, Jann Horn, Ingo Molnar, Laura Abbott, Thomas Gleixner, Al Viro, Sahara, "Levin, Alexander (Sasha Levin)", Michal Hocko, Andrea Arcangeli, "Kirill A. Shutemov", linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [PATCH] fork: Allow stack to be wiped on fork
In-Reply-To: <20180117055015.GA15256@beast>

On Tue, 16 Jan 2018, Kees Cook wrote:

> diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h > index 34f053a150a9..091f53fe31cc 100644 > --- a/include/linux/thread_info.h > +++ b/include/linux/thread_info.h > @@ -43,7 +43,9 @@ enum { > #define THREAD_ALIGN THREAD_SIZE > #endif > > -#if IS_ENABLED(CONFIG_DEBUG_STACK_USAGE) || IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) > +#if IS_ENABLED(CONFIG_DEBUG_STACK_USAGE) || \ > + IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) || \ > + IS_ENABLED(CONFIG_CLEAR_STACK_FORK) > # define THREADINFO_GFP (GFP_KERNEL_ACCOUNT | __GFP_ZERO) > #else > # define THREADINFO_GFP (GFP_KERNEL_ACCOUNT) > diff --git a/kernel/fork.c b/kernel/fork.c > index 2295fc69717f..215b1ce2b2cd 100644 > --- a/kernel/fork.c > +++ b/kernel/fork.c > @@ -215,7 +215,7 @@ static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node) > if (!s) > continue; > > -#ifdef CONFIG_DEBUG_KMEMLEAK > +#if IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) || IS_ENABLED(CONFIG_CLEAR_STACK_FORK) > /* Clear stale pointers from reused stack. */ > memset(s->addr, 0, THREAD_SIZE); > #endif

Is there any good reason not to do it symmetrically also for non-vmapped stacks? (by passing __GFP_ZERO to alloc_pages_node())?

Thanks,

--
Jiri Kosina
SUSE Labs
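
Review bot: In the include/linux/thread_info.h hunk, the #if that selects THREADINFO_GFP now mixes two debug options with CONFIG_CLEAR_STACK_FORK and has no comment saying why each of them needs __GFP_ZERO. A short comment above the #if would make the intent reviewable, for example stating that the debug options need a zeroed stack for their own accounting while CONFIG_CLEAR_STACK_FORK needs it so that a stack is wiped on fork.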
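
Review bot: In the kernel/fork.c hunk, the comment above the memset() still reads "Clear stale pointers from reused stack.", which gives only the CONFIG_DEBUG_KMEMLEAK reason although the condition now also covers CONFIG_CLEAR_STACK_FORK; it should say the reused stack is wiped for the new task as well. The memset() sits on the reuse path only (after "if (!s) continue;"), so the changelog should state which allocation paths rely on THREADINFO_GFP carrying __GFP_ZERO from the other hunk, which would also answer the question about non-vmapped stacks.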