Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp4682077pxb;
        Tue, 28 Sep 2021 01:22:02 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyTsB6BjIHCFhOJo30WBJesnesUq6wxA6AFyWUR15h7G3Ov/CEljuIMbNx6KKvFne6oLS2U
X-Received: by 2002:a17:907:785a:: with SMTP id lb26mr5163735ejc.77.1632817322528;
        Tue, 28 Sep 2021 01:22:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1632817322; cv=none;
        d=google.com; s=arc-20160816;
        b=0HBC7cO0IJCWJdAoIM/wkcLmR877ACRxyx7KfPvueBWzM5LEQY+aPy/Bk1CIg8pGoA
         pOfdL1avKhl3jOrZakpH6nLstaDjxGYVOvUj5ngvnHwvT4UqHUH5oEsUkV/yHdEZxiSP
         ynXTVtcxazUrtBfrFQg5Dnhs0+bTSSSxNXshrJtCldC1VzvRRG71eLI9cLChP5K57ioQ
         A3CdrUniv3WTk7MKnQkkms8DqAoUTFXuLQ643z2Ro1BZ0DS2bcTRPgg8xdO8OkhA2dbH
         WwZFktch/9BqsD7hKWp9mAjG3GhYdmgKTAxLqIg+9PLvGiRh0GBQJwO/+d5Iv9kbvHTW
         Pr9g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=rCzJg9CvHeyayYYjEpmknRW2aE9nGcCpWseERpBFha4=;
        b=Dgl4tjlNnvcxQli38Et4GJKHEYXgijQDvTHknvC8N6eePa6PXqblYSNJZrb74CXjUa
         /1Dx18dBiAAakUW6KfJ2HJQCpaTLdOhbcSgwXpOhyMm0hDUGzVpr1++hJaNTbKLRlG3C
         zmRx5bqx8nXrMvXQ0YOf/NemWZAu4GUrxDqiDGhvr0qf1AXc/kbFx3iQsEzj0FiNxb2g
         cefTn1DYywFtEKdyJZ5LK4U0zg71uQ8Aa4llABN/Yf67BVTwhfX+UqPYyoxxebovLMbR
         OFeYZSZ9MBKbwPVj1htVlox1TJ0SxHdED//lW6w9e1Y56OysgqANItKoadzImPWN9Xzs
         4RHA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UCvZFQTy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id y11si27211080edj.69.2021.09.28.01.21.38;
        Tue, 28 Sep 2021 01:22:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UCvZFQTy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S239332AbhI1IWC (ORCPT <rfc822;loic.yhuel@gmail.com> + 99 others);
        Tue, 28 Sep 2021 04:22:02 -0400
Received: from mail.kernel.org ([198.145.29.99]:47344 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S231342AbhI1IWB (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 28 Sep 2021 04:22:01 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id B65E561209
        for <linux-kernel@vger.kernel.org>; Tue, 28 Sep 2021 08:20:22 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1632817222;
        bh=FOqCQkHnZGbZdTybxy+5IK/DFnY6xsR2LcxikZl/+rY=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=UCvZFQTyf2Xb5DGTJMcRCTcmpWSrkZcBIzpbNC3WNmQ92ZvUZmkT7tGo1/LdmnKc7
         YU9AA/Ls4GPIrKNGRMzGxU16EYsBQTmLi3CnUsblDXAyTEuHKSOh1kG4f6ULFpdl5c
         3J3mQVQY3xTLEq04xL5gt8n47n9obHFYCtLPPEZt/HFuSOiQ3hnyUszu5zuTQ2yxfH
         nFDpd9FTJZEgzRoRxZedXpJwrQbRXpiCn1fMr7VQff/G6Bdo/6NnhvePk4eBNhB2ca
         ZWtKNOLLvganXhf1SLdX/oFEjwkjFnaJR+PbPbioJtU0ciNUfHodNED2dVqjq0xxgB
         1n7TmaC60rQgQ==
Received: by mail-wr1-f47.google.com with SMTP id t8so56582154wrq.4
        for <linux-kernel@vger.kernel.org>; Tue, 28 Sep 2021 01:20:22 -0700 (PDT)
X-Gm-Message-State: AOAM530DctxoDjePqb6W+Y4eYjCLIHKByztiXAaZsIucfl6WAv8zMZcP
        Ab8MQGNtIcE7Ku9x10X45YcOj5sL+vThjNcvID8=
X-Received: by 2002:a5d:6cb4:: with SMTP id a20mr4296190wra.428.1632817221261;
 Tue, 28 Sep 2021 01:20:21 -0700 (PDT)
MIME-Version: 1.0
References: <20210927141815.1711736-1-arnd@kernel.org> <1B89CC23-0CB4-4DA3-BA84-3DD628675351@tuxera.com>
In-Reply-To: <1B89CC23-0CB4-4DA3-BA84-3DD628675351@tuxera.com>
From:   Arnd Bergmann <arnd@kernel.org>
Date:   Tue, 28 Sep 2021 10:20:04 +0200
X-Gmail-Original-Message-ID: <CAK8P3a04K0z-ExztXisby506qz6pCuvx5pyOQU8hzFNULoHj8w@mail.gmail.com>
Message-ID: <CAK8P3a04K0z-ExztXisby506qz6pCuvx5pyOQU8hzFNULoHj8w@mail.gmail.com>
Subject: Re: [PATCH] [RFC] ntfs: disable for 64KB because of stack overflow risk
To:     Anton Altaparmakov <anton@tuxera.com>
Cc:     Kees Cook <keescook@chromium.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Arnd Bergmann <arnd@arndb.de>,
        "linux-ntfs-dev@lists.sourceforge.net" 
        <linux-ntfs-dev@lists.sourceforge.net>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Sep 28, 2021 at 1:21 AM Anton Altaparmakov <anton@tuxera.com> wrote:
>
> Hi Arnd,
>
> Thanks for the patch but what is the problem with the stack usage exceeding 2048 bytes?
>
> I am not aware of any architectures that implements kernel stack size (THREAD_SIZE)
> less than page size and by default most architectures with 4kiB page size even use two
> pages to make the stack 8kiB.

The two are decoupled these days unless CONFIG_VMAP_STACK is enabled at build
time, in which case the THREAD_SIZE is always a multiple of STACK_SIZE.
No architecture currently forces the use of VMAP_STACK though, so the allocation
is done in alloc_thread_stack_node() using this kmem_cache:

        thread_stack_cache = kmem_cache_create_usercopy("thread_stack",
                                        THREAD_SIZE, THREAD_SIZE, 0, 0,
                                        THREAD_SIZE, NULL);

64K pages are allowed on arm64, powerpc, mips, microblaze, ia64, sh, hexagon
and the upcoming loongarch port. The respective THREAD_SHIFT/THREAD_SIZE
values on these are

arch/arm64/include/asm/memory.h:#define MIN_THREAD_SHIFT (14 +
KASAN_THREAD_SHIFT)
arch/powerpc/Kconfig:config THREAD_SHIFT
arch/powerpc/Kconfig-   default "14" if PPC64
arch/mips/include/asm/thread_info.h:#define THREAD_SIZE_ORDER (0)
arch/mips/include/asm/thread_info.h:#define THREAD_SIZE (PAGE_SIZE <<
THREAD_SIZE_ORDER)
arch/microblaze/include/asm/thread_info.h:#define THREAD_SHIFT 13
arch/ia64/include/asm/ptrace.h:# define KERNEL_STACK_SIZE_ORDER         0
arch/ia64/include/asm/ptrace.h:#define IA64_STK_OFFSET
 ((1 << KERNEL_STACK_SIZE_ORDER)*PAGE_SIZE)
arch/ia64/include/asm/ptrace.h:#define KERNEL_STACK_SIZE
 IA64_STK_OFFSET
arch/ia64/include/asm/thread_info.h:#define THREAD_SIZE
 KERNEL_STACK_SIZE
arch/sh/include/asm/thread_info.h:#define THREAD_SHIFT  12
arch/hexagon/include/asm/thread_info.h:#define THREAD_SHIFT 12

As far as I can tell, only mips and ia64 require the kernel stack to
be a multiple
of the page size here, and I would consider that a bug: This is extremely
wasteful, especially considering that those machines typically won't have the
vast amounts of RAM that modern arm64 and powerpc64 servers have.

On a hexagon or sh system with 4KB stacks, using over 2KB in one function
is definitely excessive. Those machines wouldn't normally need NTFS support,
but that was kind-of the point of my patch.

         Arnd