@@ -229,6 +229,21 @@ static void __do_kernel_fault(unsigned long addr, unsigned int esr,
return;
/*
+ * If we faulted on the guard page below this task's stack,
+ * we evidently overflowed
+ */
+ if (addr >= (u64)current->stack - PAGE_SIZE &&
+ addr < (u64)current->stack) {
+ printk(KERN_EMERG "BUG: stack guard page was hit at %p (stack is %p..%p)\n",
+ (void *)addr, current->stack,
+ (char *)current->stack + THREAD_SIZE - 1);
+ die("Oops", regs, esr);
+
+ /* Be absolutely certain we don't return. */
+ panic("Kernel stack overflow");
+ }
+
+ /*
* No handler, we'll have to terminate things with extreme prejudice.
*/
bust_spinlocks(1);
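Review bot: The added test `addr >= (u64)current->stack - PAGE_SIZE && addr < (u64)current->stack` recognises only the single page directly below the task stack. An overflow that steps past that page in one access (a large frame or a variable-length array) therefore falls through to the generic path at `bust_spinlocks(1)` and is not reported as a stack overflow. The same presumably holds for a fault below any stack other than `current->stack`, although no such stack is visible in this hunk. I would state the limit in the comment, e.g. `* Only the one page directly below current->stack is treated as the guard; larger overshoots are reported by the generic oops path below.` The `printk` also writes the raw stack bounds to the log with `%p`, which is probably acceptable on a path that panics but is worth a conscious decision; `__do_kernel_fault()` begins and ends outside this hunk.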
Add the code to __do_kernel_fault() to force a panic when the faulting address of a data abort points into the guard page below the current task's stack. Currently, we won't be able to make it all the way here under such a condition, but that will be addressed in a subsequent patch. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- arch/arm64/mm/fault.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+)