fork: Add generic vmalloced stack support
If CONFIG_VMAP_STACK=y is selected, kernel stacks are allocated with __vmalloc_node_range(). Grsecurity has had a similar feature (called GRKERNSEC_KSTACKOVERFLOW=y) for a long time. Signed-off-by: Andy Lutomirski <luto@kernel.org> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Link: http://lkml.kernel.org/r/14c07d4fd173a5b117f51e8b939f9f4323e39899.1470907718.git.luto@kernel.org [ Minor edits. ] Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
Andy Lutomirski
committato da
Ingo Molnar
Ingo Molnar
parent
eb4e841099
commit
ba14a194a4
34
arch/Kconfig
34
arch/Kconfig
@@ -707,4 +707,38 @@ config ARCH_NO_COHERENT_DMA_MMAP
|
||||
config CPU_NO_EFFICIENT_FFS
|
||||
def_bool n
|
||||
|
||||
config HAVE_ARCH_VMAP_STACK
|
||||
def_bool n
|
||||
help
|
||||
An arch should select this symbol if it can support kernel stacks
|
||||
in vmalloc space. This means:
|
||||
|
||||
- vmalloc space must be large enough to hold many kernel stacks.
|
||||
This may rule out many 32-bit architectures.
|
||||
|
||||
- Stacks in vmalloc space need to work reliably. For example, if
|
||||
vmap page tables are created on demand, either this mechanism
|
||||
needs to work while the stack points to a virtual address with
|
||||
unpopulated page tables or arch code (switch_to() and switch_mm(),
|
||||
most likely) needs to ensure that the stack's page table entries
|
||||
are populated before running on a possibly unpopulated stack.
|
||||
|
||||
- If the stack overflows into a guard page, something reasonable
|
||||
should happen. The definition of "reasonable" is flexible, but
|
||||
instantly rebooting without logging anything would be unfriendly.
|
||||
|
||||
config VMAP_STACK
|
||||
default y
|
||||
bool "Use a virtually-mapped stack"
|
||||
depends on HAVE_ARCH_VMAP_STACK && !KASAN
|
||||
---help---
|
||||
Enable this if you want the use virtually-mapped kernel stacks
|
||||
with guard pages. This causes kernel stack overflows to be
|
||||
caught immediately rather than causing difficult-to-diagnose
|
||||
corruption.
|
||||
|
||||
This is presently incompatible with KASAN because KASAN expects
|
||||
the stack to map directly to the KASAN shadow map using a formula
|
||||
that is incorrect if the stack is in vmalloc space.
|
||||
|
||||
source "kernel/gcov/Kconfig"
|
||||
|
||||
Fai riferimento in un nuovo problema
Block a user