This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] Tests for minimal signal handler functionality in MINSIGSTKSZ space.


On 1/15/19 5:16 PM, Zack Weinberg wrote:
> On Tue, Jan 15, 2019 at 4:15 PM Carlos O'Donell <carlos@redhat.com> wrote:
>> Both of these choices need a comment explaining why or if they are
>> arbitrary, that they were just chosen at random.
> 
> How's this look?  You made me realize that the guards need to be
> *twice* as big as a large stack to be guaranteed to catch an offset by
> the entire size of a large stack-allocated array.

Perfect. You document intent, and that's all I wanted.

> +void *
> +xalloc_sigstack (size_t size)
> +{
> +  size_t pagesize = sysconf (_SC_PAGESIZE);
> +  if (pagesize == -1)
> +    FAIL_EXIT1 ("sysconf (_SC_PAGESIZE): %m\n");
> +
> +  /* Always supply at least MINSIGSTKSZ space; passing 0 as size means
> +     only that much space.  No matter what the number is, round it up
> +     to a whole number of pages.  */
> +  size_t stacksize = roundup (size + MINSIGSTKSZ, pagesize);
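
Review bot: In the `pagesize == -1` check, `pagesize` is a `size_t` while sysconf returns `long`, so the comparison only works through the implicit conversion of -1 to SIZE_MAX; holding the result in a `long` and testing it for a negative value before converting would state the intent directly. Separately, `size + MINSIGSTKSZ` is unchecked and wraps for a `size` near SIZE_MAX, which would yield a stack smaller than the caller asked for.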

OK.

> +
> +  /* The guard bands need to be large enough to intercept offset
> +     accesses from a stack address that might otherwise hit another
> +     mapping.  Make them at least twice as big as the stack itself, to
> +     defend against an offset by the entire size of a large
> +     stack-allocated array.  The minimum is 1MiB, which is arbitrarily
> +     chosen to be larger than any "typical" wild pointer offset.
> +     Again, no matter what the number is, round it up to a whole
> +     number of pages.  */
> +  size_t guardsize = roundup (MAX (2 * stacksize, 1024 * 1024), pagesize);
> 
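
Review bot: `2 * stacksize` in the `guardsize` computation is unchecked, so for a very large `size` the product can wrap and the guards come out smaller than the "at least twice as big as the stack itself" the comment promises. Bounding `stacksize` before the multiplication, or failing the test when it would overflow, keeps that guarantee.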

OK.

-- 
Cheers,
Carlos.

