Re: [PATCH] mm: larger stack guard gap, between vmas

From: Linus Torvalds
Date: Tue Jul 04 2017 - 14:37:26 EST


On Tue, Jul 4, 2017 at 10:22 AM, Michal Hocko <mhocko@xxxxxxxxxx> wrote:
>
> Well, I've been thinking about this some more and the more I think about
> it the less I am convinced we should try to be clever here. Why? Because
> as soon as somebody tries to manage stacks explicitly you cannot simply
> assume anything about the previous mapping. Say some interpreter uses
> [ mngmnt data][red zone] <--[- MAP_GROWSDOWN ]
>
> Now if we consider the red zone's (PROT_NONE) prev mapping we would fail
> the expansion even though we haven't hit the red zone and that is
> essentially what the Java and Rust bugs are about. So we just risk yet
> another regression.

Ack.

Let's make the initial version at least only check the first vma.

The long-term fix for this is to have the binaries do proper stack
expansion probing anyway, and it's quite possible that people who do
their own stack redzoning by adding a PROT_NONE thing already do that
proper fix (eg the Java stack may simply not *have* those big crazy
structures on it in the first place).

Linus
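As an added illustration of the two policies this exchange contrasts (not code from the thread, and not the kernel's own implementation), the following C model runs both checks over the layout Michal sketches: `[ mngmnt data][red zone] <--[- MAP_GROWSDOWN ]`. The addresses, the 256-page guard gap, the vma struct and both policy functions are constructed assumptions for the model. Policy A looks only at the vma immediately below the stack and treats a PROT_NONE neighbour as the application's own guard; policy B is the "clever" variant that skips a PROT_NONE neighbour and measures the gap to the first accessible mapping below it, which is what refuses the expansion long before the stack has actually reached the red zone.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE      4096UL
#define GUARD_GAP (256UL * PAGE)   /* assumed guard gap for the model */

/* Minimal model of a vma: [start, end) plus the two properties the thread cares about. */
struct vma {
    unsigned long start, end;
    bool growsdown;    /* a MAP_GROWSDOWN stack segment */
    bool accessible;   /* false for a PROT_NONE red zone */
};

/* Policy A: consult only the vma immediately below the stack ("the first vma").
 * A PROT_NONE neighbour is taken as the application's own guard and imposes no extra gap. */
bool expand_ok_immediate(const struct vma *vmas, size_t n, size_t stack_idx, unsigned long new_start)
{
    (void)n;
    if (stack_idx == 0)
        return true;                         /* nothing below: no gap to enforce */
    const struct vma *prev = &vmas[stack_idx - 1];
    if (new_start < prev->end)
        return false;                        /* would overlap the neighbour */
    if (prev->growsdown || !prev->accessible)
        return true;
    return new_start - prev->end >= GUARD_GAP;
}

/* Policy B: skip PROT_NONE neighbours and require the gap to the first accessible mapping below. */
bool expand_ok_skip_protnone(const struct vma *vmas, size_t n, size_t stack_idx, unsigned long new_start)
{
    (void)n;
    for (size_t i = stack_idx; i > 0; i--) {
        const struct vma *prev = &vmas[i - 1];
        if (new_start < prev->end)
            return false;                    /* would overlap whatever sits there */
        if (prev->growsdown)
            return true;                     /* adjacent stack segment, no gap needed */
        if (prev->accessible)
            return new_start - prev->end >= GUARD_GAP;
        /* PROT_NONE: look past it to the next mapping down */
    }
    return true;
}

/* Constructed layout after Michal's sketch (addresses grow left to right):
 * [ mngmnt data ][ red zone, PROT_NONE ] ... gap ... [ MAP_GROWSDOWN stack ] */
const struct vma red_zone_layout[3] = {
    { 0x10000000UL, 0x10010000UL, false, true  },   /* management data, 16 pages */
    { 0x10010000UL, 0x10011000UL, false, false },   /* one-page PROT_NONE red zone */
    { 0x10200000UL, 0x10400000UL, true,  true  },   /* the growsdown stack */
};
#define RED_ZONE_STACK_IDX 2

/* Same idea without a red zone: only the management data sits below the stack. */
const struct vma plain_layout[2] = {
    { 0x10000000UL, 0x10010000UL, false, true },
    { 0x10200000UL, 0x10400000UL, true,  true },
};
#define PLAIN_STACK_IDX 1

int main(void)
{
    /* Grow the stack down to 16 pages above the red zone: not yet touching it. */
    unsigned long target = red_zone_layout[1].end + 16 * PAGE;
    printf("policy A (immediate vma): %s\n",
           expand_ok_immediate(red_zone_layout, 3, RED_ZONE_STACK_IDX, target) ? "allowed" : "refused");
    printf("policy B (skip PROT_NONE): %s\n",
           expand_ok_skip_protnone(red_zone_layout, 3, RED_ZONE_STACK_IDX, target) ? "allowed" : "refused");
    return 0;
}
```

With the red-zone layout, policy A allows the expansion to 16 pages above the red zone while policy B refuses it, because the red zone is adjacent to the management data and the measured gap is then 17 pages rather than the required 256. Without a red zone the two policies agree: both refuse an expansion that leaves fewer than 256 pages above the management data and both allow one that leaves exactly that much.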