Date: Fri, 26 Jan 2018 23:31:01 +0100 (CET)
From: Jiri Kosina
To: Kees Cook
cc: Andrew Morton, Andy Lutomirski, Jann Horn, Ingo Molnar, Laura Abbott, Thomas Gleixner, Al Viro, Sahara, "Levin, Alexander (Sasha Levin)", Michal Hocko, Andrea Arcangeli, "Kirill A. Shutemov", linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [PATCH] fork: Allow stack to be wiped on fork
References: <20180117055015.GA15256@beast>

On Fri, 26 Jan 2018, Jiri Kosina wrote:

> > diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h > > index 34f053a150a9..091f53fe31cc 100644 > > --- a/include/linux/thread_info.h > > +++ b/include/linux/thread_info.h > > @@ -43,7 +43,9 @@ enum { > > #define THREAD_ALIGN THREAD_SIZE > > #endif > > > > -#if IS_ENABLED(CONFIG_DEBUG_STACK_USAGE) || IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) > > +#if IS_ENABLED(CONFIG_DEBUG_STACK_USAGE) || \ > > + IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) || \ > > + IS_ENABLED(CONFIG_CLEAR_STACK_FORK) > > # define THREADINFO_GFP (GFP_KERNEL_ACCOUNT | __GFP_ZERO) > > #else > > # define THREADINFO_GFP (GFP_KERNEL_ACCOUNT) > > diff --git a/kernel/fork.c b/kernel/fork.c > > index 2295fc69717f..215b1ce2b2cd 100644 > > --- a/kernel/fork.c > > +++ b/kernel/fork.c 
> > @@ -215,7 +215,7 @@ static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node) > > if (!s) > > continue; > > > > -#ifdef CONFIG_DEBUG_KMEMLEAK > > +#if IS_ENABLED(CONFIG_DEBUG_KMEMLEAK) || IS_ENABLED(CONFIG_CLEAR_STACK_FORK) > > /* Clear stale pointers from reused stack. */ > > memset(s->addr, 0, THREAD_SIZE); > > #endif
>
> Is there any good reason not to do it symmetrically also for non-vmapped
> stacks? (by passing __GFP_ZERO to alloc_pages_node())?

Ah, of course you already do by extending THREADINFO_GFP, sorry for the noise.

--
Jiri Kosina
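
Review bot: in the include/linux/thread_info.h hunk, the extended #if around THREADINFO_GFP carries no comment saying why CONFIG_CLEAR_STACK_FORK needs __GFP_ZERO, and as far as these hunks show it is the path that zeroes a newly allocated stack for this option, since the memset in kernel/fork.c is commented as handling a reused one. A one-line comment above the #if, for example "CONFIG_CLEAR_STACK_FORK relies on __GFP_ZERO to wipe newly allocated stacks", would answer the question raised in this thread before it is asked.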
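
Review bot: in the kernel/fork.c hunk, the comment "Clear stale pointers from reused stack." above the memset in alloc_thread_stack_node() still gives only the CONFIG_DEBUG_KMEMLEAK reason, although the #if now also fires for CONFIG_CLEAR_STACK_FORK; reword it to cover wiping the previous contents as well. The condition here also differs from the one guarding THREADINFO_GFP, which additionally lists CONFIG_DEBUG_STACK_USAGE, so a single shared macro meaning "stack must be zeroed" used in both places would keep the two from drifting apart.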