References: <20201223015312.4882-1-chang.seok.bae@intel.com> <20201223015312.4882-4-chang.seok.bae@intel.com>
In-Reply-To: <20201223015312.4882-4-chang.seok.bae@intel.com>
From: Jann Horn
Date: Wed, 23 Dec 2020 07:55:20 +0100
Subject: Re: [PATCH v3 3/4] x86/signal: Prevent an alternate stack overflow before a signal delivery
To: "Chang S. Bae"
Cc: Borislav Petkov, Thomas Gleixner, Ingo Molnar, Andy Lutomirski,
    "the arch/x86 maintainers", Len Brown, Dave Hansen, "H.J. Lu",
    Dave Martin, Michael Ellerman, Tony Luck, "Ravi V. Shankar",
    libc-alpha@sourceware.org, linux-arch, Linux API, kernel list
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Dec 23, 2020 at 2:57 AM Chang S. Bae wrote:
> The kernel pushes data on the userspace stack when entering a signal. If
> using a sigaltstack(), the kernel precisely knows the user stack size.
>
> When the kernel knows that the user stack is too small, avoid the overflow
> and do an immediate SIGSEGV instead.
>
> This overflow is known to occur on systems with large XSAVE state. The
> effort to increase the size typically used for altstacks reduces the
> frequency of these overflows, but this approach is still useful for legacy
> binaries.
>
> Suggested-by: Jann Horn
> Signed-off-by: Chang S. Bae
> Reviewed-by: Len Brown
> Cc: Jann Horn
> Cc: x86@kernel.org
> Cc: linux-kernel@vger.kernel.org

Reviewed-by: Jann Horn
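
A userspace model of the check the quoted commit message describes, added here as an illustration; it is not code from the patch or from the kernel. The struct, the function name `check_altstack`, and the sample addresses and sizes are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of an alternate stack as registered via sigaltstack(). */
struct altstack {
    uintptr_t base;  /* ss_sp: lowest address of the stack */
    size_t    size;  /* ss_size: bytes available */
};

enum delivery { DELIVER_FRAME, FORCE_SIGSEGV };

#define FRAME_ALIGN 64u  /* an XSAVE area must be 64-byte aligned */

/*
 * Decide, before anything is written, whether a signal frame of frame_size
 * bytes fits on the alternate stack. The stack grows down, so the frame is
 * placed below the top and aligned down; it must not start below base.
 */
enum delivery check_altstack(const struct altstack *st, size_t frame_size,
                             uintptr_t *frame_start)
{
    uintptr_t top = st->base + st->size;

    if (top < st->base)          /* base + size wrapped around */
        return FORCE_SIGSEGV;
    if (frame_size > st->size)   /* cannot fit even without alignment */
        return FORCE_SIGSEGV;

    uintptr_t start = (top - frame_size) & ~(uintptr_t)(FRAME_ALIGN - 1);
    if (start < st->base)        /* alignment padding pushed it below base */
        return FORCE_SIGSEGV;

    *frame_start = start;
    return DELIVER_FRAME;
}

int main(void)
{
    /* Constructed sample: a 2048-byte altstack at a constructed address. */
    struct altstack st = { 0x10010, 2048 };
    size_t frames[] = { 1000, 2040, 3000 };  /* constructed frame sizes */
    for (size_t i = 0; i < 3; i++) {
        uintptr_t at = 0;
        enum delivery d = check_altstack(&st, frames[i], &at);
        printf("frame %zu: %s\n", frames[i],
               d == DELIVER_FRAME ? "deliver" : "SIGSEGV before any write");
    }
    return 0;
}
```

The 2040-byte case is the one a plain size comparison misses: the frame is smaller than the stack, but aligning it down moves its start below `base`.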