From: Florian Weimer via Libc-alpha <libc-alpha@sourceware.org>
To: Adhemerval Zanella via Libc-alpha <libc-alpha@sourceware.org>
Subject: Re: [PATCH v7 1/4] support: Add support_stack_alloc
Date: Wed, 07 Jul 2021 12:17:29 +0200
Message-ID: <87k0m2a0na.fsf@oldenburg.str.redhat.com>
In-Reply-To: <20210706145839.1658623-2-adhemerval.zanella@linaro.org> (Adhemerval Zanella via Libc-alpha's message of "Tue, 6 Jul 2021 11:58:36 -0300")
* Adhemerval Zanella via Libc-alpha:
> The code to allocate a stack from xsigstack is refactored so it can
> be more generic. The new support_stack_alloc() also sets PROT_EXEC
> if DEFAULT_STACK_PERMS has PF_X. This is required on some
> architectures (hppa for instance) and trying to access the rtld
> global from testsuite will require more intrusive refactoring
> in the ldsodefs.h header.
DEFAULT_STACK_PERMS is misnamed, it's really HISTORIC_STACK_PERMS.
All architectures override it to RW permissions in the toolchain
(maybe with the exception of Hurd, which uses trampolines for nested
functions).

I have a cstack_allocate version that handles this. It can only be done
from within glibc proper because we do not export the stack execution
status directly. But I think it's out of scope for glibc 2.34 by now.

> + /* The guard bands need to be large enough to intercept offset
> + accesses from a stack address that might otherwise hit another
> + mapping. Make them at least twice as big as the stack itself, to
> + defend against an offset by the entire size of a large
> + stack-allocated array. The minimum is 1MiB, which is arbitrarily
> + chosen to be larger than any "typical" wild pointer offset.
> + Again, no matter what the number is, round it up to a whole
> + number of pages. */
> + size_t guardsize = roundup (MAX (2 * stacksize, 1024 * 1024), pagesize);
> + size_t alloc_size = guardsize + stacksize + guardsize;
> + /* Use MAP_NORESERVE so that RAM will not be wasted on the guard
> + bands; touch all the pages of the actual stack before returning,
> + so we know they are allocated. */
> + void *alloc_base = xmmap (0,
> + alloc_size,
> + PROT_NONE,
> + MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE|MAP_STACK,
> + -1);
> + /* PF_X can be overridden if PT_GNU_STACK is present. */
> + int prot = PROT_READ | PROT_WRITE
> + | (DEFAULT_STACK_PERMS & PF_X ? PROT_EXEC : 0);
> + xmprotect (alloc_base + guardsize, stacksize, prot);
> + memset (alloc_base + guardsize, 0xA5, stacksize);
> + return (struct support_stack) { alloc_base + guardsize, stacksize, guardsize };
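
Review bot: The size arithmetic in `roundup (MAX (2 * stacksize, 1024 * 1024), pagesize)` and `guardsize + stacksize + guardsize` is unchecked, so a large enough stacksize wraps size_t and xmmap receives an alloc_size smaller than guardsize + stacksize. The following xmprotect and memset calls still use `alloc_base + guardsize` with the full stacksize and would then operate outside the new mapping. Consider rejecting a stacksize above a documented bound, or using checked multiplication and addition before the xmmap call. Separately, the comment says PF_X can be overridden by PT_GNU_STACK, but prot is derived only from DEFAULT_STACK_PERMS, so the stack region can end up readable, writable and executable at once; the comment should state that this is intentional for the test support code, or the executable bit should come from the effective setting.
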
This doesn't handle different stack growth directions.

Thanks,
Florian