Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp10875011ybi; Thu, 25 Jul 2019 06:24:45 -0700 (PDT) X-Google-Smtp-Source: APXvYqxx7ncg7cW8ATEaTfXDbeuvCbt3sIF3p45St5NppvLiPFIaC7lfMnhKQTiAiTOe+0Uz+dn4 X-Received: by 2002:a17:90a:24ac:: with SMTP id i41mr91760980pje.124.1564061085447; Thu, 25 Jul 2019 06:24:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564061085; cv=none; d=google.com; s=arc-20160816; b=GVlRkAgqFSgk+3IjKOy9z+AOCLMkRr4DBbcJLB72Glv9RxgwIoF2Daz/m84hIYevgf xQ0hBZ6Xrhpmmr3XEC7PCxRqsJVwLkbBuMwCTKdxiSCkirItHnOo5wx7F5Wfbvgg8dth ILScK5yyDHMEZUJUds6P4y232uRjO9fpB1TExeqglQmdlB4gf7tuvekUoH7p1Z1S3vFV mdZkCKxpxEZMElUm5qzV+09a83mbwh7SpG7N23hQpg7KVS850cACI1fESGQAFfo2Yiz2 Z+ojgBBqypVYfvy996ncXf4aUSXTKVPj61L3x3Ho0J8cpzLgN1iHRQvNG/qPQWSRRu8v geHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=A5fpHhkBLopjEAVRdvHy+BaH175D9mtLGLFtLihQLSk=; b=eKY6JaNoyNOsby2vCsiiedD/Kh3uYLB1Xb/4sgL1c9gsZre6sUWeDjgcbwIokicNWA MB1qk1b0scM3TfX+7MjGYGf+oaj19eaHWijnt+jgn7awLQL96LWHZ5nDkuQnXjjsAwgK IuFxAZqm3dCyequxGTWIt9WP+vfWr40N48bjWSKEYrUTovS8cyUtjiwMqdue36ixv9l8 xIpR15soGWs2Vj+4Tx4+4EmcFAzRU4jm4FnbJnALjU60qHOhEvBCjn03XIRi7UbxJ35p JqqMYouZJhAOL1ma0talm3bewS3Lk/c9DnP6JYKkrTdRuGmtkIpl4MGwKXyJXzDyktf4 19Uw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g13si18100001pfo.22.2019.07.25.06.24.29; Thu, 25 Jul 2019 06:24:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389581AbfGYKPD (ORCPT + 99 others); Thu, 25 Jul 2019 06:15:03 -0400 Received: from foss.arm.com ([217.140.110.172]:54824 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389418AbfGYKPD (ORCPT ); Thu, 25 Jul 2019 06:15:03 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9A82F28; Thu, 25 Jul 2019 03:15:02 -0700 (PDT) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id CD3273F694; Thu, 25 Jul 2019 03:15:00 -0700 (PDT) Date: Thu, 25 Jul 2019 11:14:58 +0100 From: Mark Rutland To: Dmitry Vyukov Cc: Marco Elver , LKML , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Andrey Konovalov , Peter Zijlstra , the arch/x86 maintainers , kasan-dev , Daniel Axtens Subject: Re: [PATCH 1/2] kernel/fork: Add support for stack-end guard page Message-ID: <20190725101458.GC14347@lakrids.cambridge.arm.com> References: <20190719132818.40258-1-elver@google.com> <20190723164115.GB56959@lakrids.cambridge.arm.com> <20190724112101.GB2624@lakrids.cambridge.arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.1+11 (2f07cb52) (2018-12-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jul 25, 2019 at 09:53:08AM +0200, Dmitry Vyukov wrote: > On Wed, Jul 24, 2019 at 1:21 PM Mark Rutland wrote: > > > > On Wed, Jul 24, 2019 at 11:11:49AM +0200, Dmitry Vyukov wrote: > > > On Tue, Jul 23, 2019 at 6:41 PM Mark Rutland wrote: > > > > > > > > On Fri, Jul 19, 2019 at 03:28:17PM +0200, Marco Elver wrote: > > > > > Enabling STACK_GUARD_PAGE helps catching kernel stack overflows immediately > > > > > rather than causing difficult-to-diagnose corruption. Note that, unlike > > > > > virtually-mapped kernel stacks, this will effectively waste an entire page of > > > > > memory; however, this feature may provide extra protection in cases that cannot > > > > > use virtually-mapped kernel stacks, at the cost of a page. > > > > > > > > > > The motivation for this patch is that KASAN cannot use virtually-mapped kernel > > > > > stacks to detect stack overflows. An alternative would be implementing support > > > > > for vmapped stacks in KASAN, but would add significant extra complexity. > > > > > > > > Do we have an idea as to how much additional complexity? > > > > > > We would need to map/unmap shadow for vmalloc region on stack > > > allocation/deallocation. We may need to track shadow pages that cover > > > both stack and an unused memory, or 2 different stacks, which are > > > mapped/unmapped at different times. This may have some concurrency > > > concerns. Not sure what about page tables for other CPU, I've seen > > > some code that updates pages tables for vmalloc region lazily on page > > > faults. Not sure what about TLBs. Probably also some problems that I > > > can't thought about now. > > > > Ok. So this looks big, we this hasn't been prototyped, so we don't have > > a concrete idea. I agree that concurrency is likely to be painful. :) > FTR, Daniel just mailed: > > [PATCH 0/3] kasan: support backing vmalloc space with real shadow memory > https://groups.google.com/forum/#!topic/kasan-dev/YuwLGJYPB4I > Which presumably will supersede this. Neat! I'll try to follow that, (and thanks for the Cc there), but I'm not on any of the lists it went to. IMO it would be nice if subsequent versions would be Cc'd to LKML, if that's possible. :) Thanks, Mark.