Re: [RFC] mlock/stack guard interaction fixup

From: Tony Luck
Date: Mon Aug 23 2010 - 12:34:25 EST
On Sat, Aug 21, 2010 at 9:08 AM, Sam Ravnborg <sam@xxxxxxxxxxxx> wrote:
> Tony Luck already provided a VM_GROWSUP version.
>
>    See: http://lkml.org/lkml/2010/8/20/325
>
> [It is signed off by Tony Luc - but I guess they know each other ;-) ]

Tony Luc spends too much time looking at the To: and Cc: to make
sure that he spelled *other* people's names correctly.

That patch doesn't apply any more because of the latest change to look
at vm_prev instead of calling find_vma() [N.B. the block comment above
check_stack_guard_page() still talks about find_vma()]. I can fix up my
patch ... but I have to wonder whether the new code doesn't leave a
hole again. It assumes that any VM_GROWSDOWN object that is
found below the current one is the result of the stack vma having been
split. But couldn't an attacker have used MAP_GROWSDOWN when
placing their sneaky stack smashing mapping just below the stack?

-Tony