Received: by 2002:a05:6358:53a8:b0:117:f937:c515 with SMTP id z40csp5959268rwe; Tue, 18 Apr 2023 14:24:45 -0700 (PDT) X-Google-Smtp-Source: AKy350Ya6y1gvFN2W/fvodKeMb19Wtnf2XnRFcRjhZZoVJwKlFR0iojdxhviu0m3n3WxGFs4zG/H X-Received: by 2002:a05:6a00:17a0:b0:63b:8571:8102 with SMTP id s32-20020a056a0017a000b0063b85718102mr1383420pfg.3.1681853085260; Tue, 18 Apr 2023 14:24:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681853085; cv=none; d=google.com; s=arc-20160816; b=wfs91T0hmvFYgy+ZFOGJqtQ6sbOyCkUIak42Zb2LO3m5Frl4SsE6TCLl9De7O2Z2HL 0FenbZzz03Gt2E3DCl4mtVYPfWLNdlh0zlBoP+zcdKx32rMMl9kaGDTYhpR9S1SXPFeD ucCSn3IuUP7pr/LRAvsBW9l7V/r1AwtqoXn9W7zfDTrN2kmIRiZ1PEUsgdE8hw2SEkat OWUfm+mmUEFjEhvG3FZgGmaWMO4jDh4OI4hikS0m2C/OPWmU8MU0Wln5ovGdFNW19nJD RqMvj7uH9zb5K38QWj0XCC6CAiFBPcdfZP6P6EDzDybsDi/xzI3AI3gPS28e0uIVXECN LaMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=nYIf8vY/HYZLlCUVI1RLk590C9jXoIf+4Okxbld77y0=; b=0wr7AzFO5ioom9EHRn41GTMPqRe/Hv8AqKAjUmoh/RWvT9VQyGepihkr7cUn3MGQSl JxIREMjfQzEushFtSROtW4OLUP56b+30MhEnTwdMH9EqaycZq1hNOH+EIk3kSF3XgyVc s3Be40NEZltty4F0mcK8nA9udSOvppkn7Z+6/x3/enb31oi7hcKB+tkN7RaxQ+FfqYA/ 8NgyT4u55z1ulr1oCQfccp/jy9gndLhFTrmmSvVKE4uHPtk/EYNM3olAF9OuNT44nU6Q Fnk/3mSSd5zuOws1uP4ckTibcitH4Fg+5qjk+Ksg/EeW1yjn/0dsHSttq3OWKP3cEmAi CwJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=ZJrxSsXn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p1-20020a622901000000b0063b7c4435c0si9083037pfp.54.2023.04.18.14.24.33; Tue, 18 Apr 2023 14:24:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=ZJrxSsXn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232399AbjDRVS5 (ORCPT + 99 others); Tue, 18 Apr 2023 17:18:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36552 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229818AbjDRVSz (ORCPT ); Tue, 18 Apr 2023 17:18:55 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 651DB40C7 for ; Tue, 18 Apr 2023 14:18:54 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 017B662CDC for ; Tue, 18 Apr 2023 21:18:54 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 386F0C433D2; Tue, 18 Apr 2023 21:18:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1681852733; bh=ZHLorItxEGVfcY4Q/q4ok59ZeKbJLntqIuzGqWM4Oz8=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=ZJrxSsXnTHQnjbHNk2yl/WgKDDGRDFLxcfVRgtiByjNC7xDO1v8qYMnVfOxxpJRP3 wuodcAfVx0XI2XLHxp1xTZC98IQfMW0lLEy/j3GmEHQ3nuM7TuUidWfAeQCVu27G0p H7h/mRHFd4XMxzmSjglYoxgDpXj6J0li/x7ECAHk= Date: Tue, 18 Apr 2023 14:18:52 -0700 From: Andrew Morton To: Waiman Long Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Joe Mario , Barry Marson , Rafael Aquini Subject: Re: [PATCH] mm/mmap: Map MAP_STACK to VM_STACK Message-Id: <20230418141852.75e551e57e97f4b522957c5c@linux-foundation.org> In-Reply-To: <20230418210230.3495922-1-longman@redhat.com> References: <20230418210230.3495922-1-longman@redhat.com> X-Mailer: Sylpheed 3.8.0beta1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 18 Apr 2023 17:02:30 -0400 Waiman Long wrote: > One of the flags of mmap(2) is MAP_STACK to request a memory segment > suitable for a process or thread stack. The kernel currently ignores > this flags. Glibc uses MAP_STACK when mmapping a thread stack. However, > selinux has an execstack check in selinux_file_mprotect() which disallows > a stack VMA to be made executable. > > Since MAP_STACK is a noop, it is possible for a stack VMA to be merged > with an adjacent anonymous VMA. With that merging, using mprotect(2) > to change a part of the merged anonymous VMA to make it executable may > fail. This can lead to sporadic failure of applications that need to > make those changes. "Sporadic failure of applications" sounds quite serious. Can you provide more details? Did you consider a -stable backport? I'm unable to judge, because the description of the userspace effects is so thin, > One possible fix is to make sure that a stack VMA will not be merged > with a non-stack anonymous VMA. That requires a vm flag that can be > used to distinguish a stack VMA from a regular anonymous VMA. One > can add a new dummy vm flag for that purpose. However, there is only > 1 bit left in the lower 32 bits of vm_flags. Another alternative is > to use an existing vm flag. VM_STACK (= VM_GROWSDOWN for most arches) > can certainly be used for this purpose. The downside is that it is a > slight change in existing behavior. > > Making a stack VMA growable by default certainly fits the need of a > process or thread stack. This patch now maps MAP_STACK to VM_STACK to > prevent unwanted merging with adjacent non-stack VMAs and make the VMA > more suitable for being used as a stack. > > ... > > --- a/include/linux/mman.h > +++ b/include/linux/mman.h > @@ -152,6 +152,7 @@ calc_vm_flag_bits(unsigned long flags) > return _calc_vm_trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN ) | > _calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED ) | > _calc_vm_trans(flags, MAP_SYNC, VM_SYNC ) | > + _calc_vm_trans(flags, MAP_STACK, VM_STACK ) | > arch_calc_vm_flag_bits(flags); > } The mmap(2) manpage says This flag is currently a no-op on Linux. However, by employing this flag, applications can ensure that they transparently ob- tain support if the flag is implemented in the future. Thus, it is used in the glibc threading implementation to allow for the fact that some architectures may (later) require special treat- ment for stack allocations. A further reason to employ this flag is portability: MAP_STACK exists (and has an effect) on some other systems (e.g., some of the BSDs). so please propose an update for this?