Re: [PATCH 1/1] ipc/shm: fix the historical/wrong mm->start_stack check

[Manfred Spraul]

On 08/23/2014 04:43 PM, Oleg Nesterov wrote:
> The ->start_stack check in do_shmat() looks ugly and simply wrong.
>
> 1. ->start_stack is only valid right after exec(), the application
>     can switch to another stack and even unmap this area.
>
> 2. The reason for this check is not clear at all. The application
>     should know what it does. And why 4 pages? And why in fact it
>     requires 5 pages?
>
> 3. This wrongly assumes that the stack can only grown down.
>
> Personally I think we should simply kill this check, but I did not
> dare to do this. So the patch only fixes the 1st problem (mostly to
> avoid the usage of mm->start_stack) and ignores VM_GROWSUP.
>
> Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Acked-by: Manfred Spraul <manfred@xxxxxxxxxxxxxxxx>
> [snip]

> +		if (vma) {
> +			if (vma->vm_flags & VM_GROWSDOWN)
> +				end += PAGE_SIZE * 4; /* can't overflow */
Why is an overflow impossible?
> +			if (end > vma->vm_start)
> +				goto invalid;
> +		}
>   	}
>   
>   	addr = do_mmap_pgoff(file, addr, size, prot, flags, 0, &populate);
--
    Manfred
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/