Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp1452574pxu; Thu, 8 Oct 2020 11:49:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwzYLiy4efEsUeMi2S0EDQ/1OjXDQrl8dFee2rZgHMO8CxWQsKUMXBvFruNZikfVdr0F2c/ X-Received: by 2002:a05:6402:941:: with SMTP id h1mr2678209edz.154.1602182959904; Thu, 08 Oct 2020 11:49:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602182959; cv=none; d=google.com; s=arc-20160816; b=vPas/q5NXte+Kl1S3q3R8nR2hoYVRKQrqdF+VP4A0UbbbSxTgM5IM6GNCr/FKKiaVh VQWZMab62ESZBF0Uh5QodKYbWtcb4GCbZ29KUdFM7P/BtFPIIeu29wwtw2ny9Xm+F2Jf RDj1kIUEdjpNtjt0KoYuP6w92wyPm6eKU0i8Rcl3LQuTNzuOXw2EXuAmL6VzWrLh4DV7 Ct/yt3yKY+SX4IZsyU4lxEbVyTxeZwoFRZgqCmvObFhTqgOALNT4u1mgJE5UJz5nUyGr ACkHX6g0rfjWq6ZOWoALHKt3QAyf6C3GfveLRqvX7IgrcqlHALbeAtFuhYYlFAimPjtK nO1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Rhut7fqpaoq3MhbllV5fKKQkrXAlHWXe1jVhLgupsFg=; b=foIhSP9dyzN+ub0nEmzToGkFWg41E6psd0OvWl3Hm4/F77ubWxhKuHCwK/y1vpZ1wy XHsSbwTFqFJYh5gUuLA8diI/sirJoWmUsE7jS/XSDrtycNX895aY2UgLDtBME+R2AaWY aNy0yxMq4jKOkXE7MNZwyWSmSfb2hQLJahPPAxqQ75xKbDZzVpHQ6aqFHFzcRPlqZU8u fUlxNgqAZpAxaPowXp11RlznlL0taom8qjjoFTCRjWudp40nGbY+SjOBd+cnqYBFNyeK b49/tf/AvtTaRD2jgzzMQDG0yxPOzyc1DvkZEO+5v4jDRYJZ7Kzuxbn73DcFT548x9cV eRMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b="qarES/+1"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l31si4519663edl.524.2020.10.08.11.48.56; Thu, 08 Oct 2020 11:49:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b="qarES/+1"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731344AbgJHRlZ (ORCPT + 99 others); Thu, 8 Oct 2020 13:41:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58362 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725888AbgJHRlZ (ORCPT ); Thu, 8 Oct 2020 13:41:25 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 56E18C061755; Thu, 8 Oct 2020 10:41:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=Rhut7fqpaoq3MhbllV5fKKQkrXAlHWXe1jVhLgupsFg=; b=qarES/+1XNKcQx3evKHbUX/o/2 pEemqwzwsLRa6tFhQuoQetXxyM8+ojno0EFBK4RD5V6GfxK6J9NFHuhYpKdrHuAZ3Qs9nSIms4vQD z9vcXOezBzjGYCkyfH3XAMVD7gvpjRUeCmXGNntP4tCFaYvcGyH6YLj5+1pAPB4u/Of+1oGDT94vF ZGbRTjwNiJ8Lh4Qe0zpYblKI5Q7Dek1Zd4riizFumCC+cJm+Fk0SjuizMXUojXt0giMYyxJ4EmMeN LSV/eXglJL72XqxplGsbGLyiy3+4duNvqgOR1RZcj/2vQZmpVbaiyzil14ExISXZSJdD6hfXeaECr CeZ+PHdg==; Received: from willy by casper.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1kQZus-00015k-VS; Thu, 08 Oct 2020 17:41:23 +0000 Date: Thu, 8 Oct 2020 18:41:22 +0100 From: Matthew Wilcox To: Jann Horn Cc: Topi Miettinen , linux-hardening@vger.kernel.org, Andrew Morton , Linux-MM , kernel list Subject: Re: [PATCH RESEND v2] mm: Optional full ASLR for mmap() and mremap() Message-ID: <20201008174122.GM20115@casper.infradead.org> References: <20201008165408.38228-1-toiwoton@gmail.com> <20201008172300.GL20115@casper.infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Oct 08, 2020 at 07:26:31PM +0200, Jann Horn wrote: > On Thu, Oct 8, 2020 at 7:23 PM Matthew Wilcox wrote: > > On Thu, Oct 08, 2020 at 07:13:51PM +0200, Jann Horn wrote: > > > And for expanding stacks, it might be a good idea for other > > > reasons as well (locking consistency) to refactor them such that the > > > size in the VMA tree corresponds to the maximum expansion of the stack > > > (and if an allocation is about to fail, shrink such stack mappings). > > > > We're doing that as part of the B-tree ;-) Although not the shrink > > stack mappings part ... > > Wheee, thanks! Finally no more data races on ->vm_start? Ah, maybe still that. The B-tree records the start of the mapping in the tree, but we still keep vma->vm_start as pointing to the current top of the stack (it's still the top if it grows down ... right?) The key is that these numbers may now be different, so from the tree's point of view, the vm addresses for 1MB below the stack appear to be occupied. From the VMA's point of view, the stack finishes where it was last accessed. We also get rid of the insanity of "return the next VMA if there's no VMA at this address" which most of the callers don't want and have to check for. Again, from the tree's point of view, there is a VMA at this address, but from the VMA's point of view, it'll need to expand to reach that address. I don't think this piece is implemented yet, but it's definitely planned.