From patchwork Wed Jul 24 05:58:42 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandre Ghiti X-Patchwork-Id: 11056039 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C8539912 for ; Wed, 24 Jul 2019 06:05:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B531127D29 for ; Wed, 24 Jul 2019 06:05:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A74D928450; Wed, 24 Jul 2019 06:05:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 40BA527D29 for ; Wed, 24 Jul 2019 06:05:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 89E5D6B0008; Wed, 24 Jul 2019 02:05:38 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 8506C6B000A; Wed, 24 Jul 2019 02:05:38 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 765E26B000C; Wed, 24 Jul 2019 02:05:38 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) by kanga.kvack.org (Postfix) with ESMTP id 2B3696B0008 for ; Wed, 24 Jul 2019 02:05:38 -0400 (EDT) Received: by mail-ed1-f70.google.com with SMTP id r21so29565233edc.6 for ; Tue, 23 Jul 2019 23:05:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=eym0BMHdbArtu9uPr+EyfIeUu2p0S0z5kNpGctDciqY=; b=bYY1eLS1tY70alP+Qq1Ah98DmcWYIIs6svlsT/pPVy8nzHav+vJ6dFm8Je96iC3p0e Lmht3MslGp9ybtj0IhwEMtGr13DSOBrPfKa2+Fjw60K2LmTV+9DjNcT46rXK4N997vvU sPeaqkJQlqhglPTKoNYD1AaGOpW8krhqjvgIxENvlSuhVuFLRiJ4W5b7/jSudUUF7cDf +I+1fhLKZZ6skLaYolNzqeImzNep7dpdh3p7rN3kQZQIhffWQvCz8Nz9+btFnn6Z5L46 o8w2OMlNYeo7II0+N57bKhyM6Oo48+aMgsubAdN2TJUlajHW5blPaEY6yfc/dZg3xFMD j7dg== X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 217.70.183.200 is neither permitted nor denied by best guess record for domain of alex@ghiti.fr) smtp.mailfrom=alex@ghiti.fr X-Gm-Message-State: APjAAAV2/tFTc0G7gWY17kVvfl4T6zkWqa7S7sIapThoxi1fnEX7O8Sx Lf6rvL/PiOYrbUf6mMZpPK4cfhdfEQuexBk1EltwsHV5sDQsNJlsLYcOLRIJS3USpb9tN6NzqYX PlsYDOnl8hLIwKiwzdjlewkMFWo0yH9mhpsifDj+SbrKkUPAYx8fPeIo91aQKRyc= X-Received: by 2002:aa7:c24b:: with SMTP id y11mr22204011edo.239.1563948337758; Tue, 23 Jul 2019 23:05:37 -0700 (PDT) X-Google-Smtp-Source: APXvYqwq6NK5jc9usFkBFIReU2EBq+O1KXGhpo7ov17FTC6zYzh4N2S3rdhsYQl6Yak0dAhf/Sl+ X-Received: by 2002:aa7:c24b:: with SMTP id y11mr22203969edo.239.1563948337041; Tue, 23 Jul 2019 23:05:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563948337; cv=none; d=google.com; s=arc-20160816; b=RH1skHXfb6DiSX20fvrdcfqT61SM1R9EenpS0mfSejmNi59ILuxJhE2v4XtversLZC D9RloBw2qvbkK0lbLAkjqgO+EpW3OxSFvvIBAXgyn/BH5bWkF0phcWsHp2Qgajem9FG1 qv+/U1SoBUBmdwX0iIgvJV10KCypzqLgubjxq95ooejOb5AYFDzB99ReMpu3OMZEyFUc KHMjJJdveh/Q3nF+LDh7rxd4hpw8SDOIdi/7vwYzM4HPjR0/90BLHY7DK105703XdYej 33CKYzPI+bbCWTyLuXp5hS2NazG1f//QmcuFY9toln1urmxzPw9lXWZIBs3Ke9+fxrI7 51XA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=eym0BMHdbArtu9uPr+EyfIeUu2p0S0z5kNpGctDciqY=; b=pn0jgdNNw6jW6X5bOaI1oDwIP7UiKLnGTb9NCMriU+TF6DBpHKMnCQsp3ivJPjMBf/ 5BAB/PouT5K7yVwHXJyVeSMfzwZu3jWsFsGH4Bigsh1C1g43yXQG3seQnkMFwHrbGPC0 R+BBX1eWylKd6vUI5cIva/hjL7ElyjRaX+ogIXnnFrkzuNEYxAtAeuVtyk1aUV9o2zPt 8adfceDZnhIic2P86lbsc9zTTMY+8QvXgruFRZ5Chj9t2asuwJ6NKokTXonV/w/7OHYV Z4ofTWirhQXrXP3rdasleixARud9SzpTDfJqS+OIMYbCAcH3KdWHmSWYlZBhWh8+/4H7 zeGA== ARC-Authentication-Results: i=1; mx.google.com; spf=neutral (google.com: 217.70.183.200 is neither permitted nor denied by best guess record for domain of alex@ghiti.fr) smtp.mailfrom=alex@ghiti.fr Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net. [217.70.183.200]) by mx.google.com with ESMTPS id oc23si6987058ejb.369.2019.07.23.23.05.36 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 23 Jul 2019 23:05:37 -0700 (PDT) Received-SPF: neutral (google.com: 217.70.183.200 is neither permitted nor denied by best guess record for domain of alex@ghiti.fr) client-ip=217.70.183.200; Authentication-Results: mx.google.com; spf=neutral (google.com: 217.70.183.200 is neither permitted nor denied by best guess record for domain of alex@ghiti.fr) smtp.mailfrom=alex@ghiti.fr X-Originating-IP: 79.86.19.127 Received: from alex.numericable.fr (127.19.86.79.rev.sfr.net [79.86.19.127]) (Authenticated sender: alex@ghiti.fr) by relay7-d.mail.gandi.net (Postfix) with ESMTPSA id 7E8472000C; Wed, 24 Jul 2019 06:05:32 +0000 (UTC) From: Alexandre Ghiti To: Andrew Morton Cc: Christoph Hellwig , Russell King , Catalin Marinas , Will Deacon , Ralf Baechle , Paul Burton , James Hogan , Palmer Dabbelt , Albert Ou , Alexander Viro , Luis Chamberlain , Kees Cook , linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-mips@vger.kernel.org, linux-riscv@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, Alexandre Ghiti Subject: [PATCH REBASE v4 06/14] arm: Properly account for stack randomization and stack guard gap Date: Wed, 24 Jul 2019 01:58:42 -0400 Message-Id: <20190724055850.6232-7-alex@ghiti.fr> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190724055850.6232-1-alex@ghiti.fr> References: <20190724055850.6232-1-alex@ghiti.fr> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP This commit takes care of stack randomization and stack guard gap when computing mmap base address and checks if the task asked for randomization. This fixes the problem uncovered and not fixed for arm here: https://lkml.kernel.org/r/20170622200033.25714-1-riel@redhat.com Signed-off-by: Alexandre Ghiti Acked-by: Kees Cook --- arch/arm/mm/mmap.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c index f866870db749..bff3d00bda5b 100644 --- a/arch/arm/mm/mmap.c +++ b/arch/arm/mm/mmap.c @@ -18,8 +18,9 @@ (((pgoff)<> (PAGE_SHIFT - 12)) static int mmap_is_legacy(struct rlimit *rlim_stack) { @@ -35,6 +36,15 @@ static int mmap_is_legacy(struct rlimit *rlim_stack) static unsigned long mmap_base(unsigned long rnd, struct rlimit *rlim_stack) { unsigned long gap = rlim_stack->rlim_cur; + unsigned long pad = stack_guard_gap; + + /* Account for stack randomization if necessary */ + if (current->flags & PF_RANDOMIZE) + pad += (STACK_RND_MASK << PAGE_SHIFT); + + /* Values close to RLIM_INFINITY can overflow. */ + if (gap + pad > gap) + gap += pad; if (gap < MIN_GAP) gap = MIN_GAP;