Re: [PATCH v7 5/6] x86/signal: Detect and prevent an alternate signal stack overflow

From: Bae, Chang Seok
Date: Thu Mar 25 2021 - 13:22:02 EST


On Mar 25, 2021, at 09:20, Borislav Petkov <bp@xxxxxxx> wrote:
>
> $ gcc tst-minsigstksz-2.c -DMY_MINSIGSTKSZ=3453 -o tst-minsigstksz-2
> $ ./tst-minsigstksz-2
> tst-minsigstksz-2: changed byte 50 bytes below configured stack
>
> Whoops.
>
> And the debug print said:
>
> [ 5395.252884] signal: get_sigframe: sp: 0x7f54ec39e7b8, sas_ss_sp: 0x7f54ec39e6ce, sas_ss_size 0xd7d
>
> which tells me that, AFAICT, your check whether we have enough alt stack
> doesn't seem to work in this case.

Yes, in this case.

tst-minsigstksz-2.c has this code:

static void
handler (int signo)
{
  /* Clear a bit of on-stack memory. */
  volatile char buffer[256];
  for (size_t i = 0; i < sizeof (buffer); ++i)
    buffer[i] = 0;
  handler_run = 1;
}


  /* Back in the test body, after the signal has been delivered: */
  if (handler_run != 1)
    errx (1, "handler did not run");

  /* Scan the guard region below the configured alt stack for any byte
     that no longer holds the 0xCC fill pattern. */
  for (void *p = stack_buffer; p < stack_bottom; ++p)
    if (*(unsigned char *) p != 0xCC)
      errx (1, "changed byte %zd bytes below configured stack\n",
            stack_bottom - p);


I think the message comes from the handler’s overwriting, not from the kernel.

The patch's check is to detect and prevent the kernel-induced overflow --
whether the alt stack is enough for signal delivery itself. The stack may
still not be enough for the signal handler's use, as the kernel does not know
about that.

Thanks,
Chang
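Added example, not from this thread, from glibc or from the kernel patch: a small probe in the spirit of tst-minsigstksz-2 that makes the distinction above observable. It assumes Linux/x86 and the constructed names probe_altstack and GUARD_BYTES; the configured alt stack sits directly above a 0xCC-filled guard region, so any byte changed below the stack bottom is counted, whether the kernel's signal frame or the handler's own 256-byte buffer put it there.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Constructed probe (not glibc's or the kernel's code): a 0xCC-filled guard
   region sits directly below the configured alt stack, as in tst-minsigstksz-2. */
#define GUARD_BYTES 4096
static volatile sig_atomic_t handler_run;

static void handler(int signo)
{
    volatile char buffer[256];   /* handler's own frame: invisible to the kernel's check */
    for (size_t i = 0; i < sizeof buffer; ++i)
        buffer[i] = 0;
    handler_run = 1;
}

/* Delivers SIGUSR1 on an alt stack of alt_size bytes. Returns 0 if the guard is
   intact, N > 0 if the deepest changed byte is N bytes below the configured
   stack, -1 if setup (e.g. sigaltstack) fails, -2 if the handler never ran. */
long probe_altstack(size_t alt_size)
{
    size_t total = GUARD_BYTES + alt_size;
    unsigned char *region = mmap(NULL, total, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED)
        return -1;
    memset(region, 0xCC, GUARD_BYTES);          /* guard fill, checked after delivery */
    stack_t ss = { .ss_sp = region + GUARD_BYTES, .ss_size = alt_size }, old_ss;
    struct sigaction sa = { .sa_flags = SA_ONSTACK }, old_sa;
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    if (sigaltstack(&ss, &old_ss) != 0 || sigaction(SIGUSR1, &sa, &old_sa) != 0) {
        munmap(region, total);
        return -1;
    }
    handler_run = 0;
    raise(SIGUSR1);                 /* kernel frame and handler frame both land on the alt stack */
    sigaction(SIGUSR1, &old_sa, NULL);
    sigaltstack(&old_ss, NULL);
    long result = handler_run ? 0 : -2;
    for (size_t i = 0; i < GUARD_BYTES && result == 0; ++i)
        if (region[i] != 0xCC)
            result = (long)(GUARD_BYTES - i);   /* deepest changed byte, as the glibc test reports it */
    munmap(region, total);
    return result;
}

int main(void)
{
    printf("64 KiB alt stack: %ld\n", probe_altstack(65536));
    printf("3453-byte alt stack (size from the thread): %ld\n", probe_altstack(3453));
    return 0;
}
```

With a generous size the probe returns 0; with the 3453-byte size, a kernel without this series' check reports how far below the configured stack the writes reached, while a kernel with it either rejects the sigaltstack() call (-1) or refuses delivery with SIGSEGV, and in neither case can it account for the handler's own buffer.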