public inbox for glibc-bugs@sourceware.org
* [Bug nptl/26691] New: Use a minimum guard size of 64 KiB on aarch64
From: fweimer at redhat dot com @ 2020-10-01 12:29 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=26691

            Bug ID: 26691
           Summary: Use a minimum guard size of 64 KiB on aarch64
           Product: glibc
           Version: 2.33
            Status: NEW
          Severity: normal
          Priority: P2
         Component: nptl
          Assignee: unassigned at sourceware dot org
          Reporter: fweimer at redhat dot com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---
            Target: aarch64

On aarch64, the -fstack-clash-protection implementation in GCC only issues
probes with a 64 KiB interval, so for full protection, it is necessary to have
a guard region of at least that size.

For the main thread, the kernel sets up the guard region, but for threads
created using pthread_create, glibc has to do this.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


* [Bug nptl/26691] Use a minimum guard size of 64 KiB on aarch64
From: cvs-commit at gcc dot gnu.org @ 2020-10-02  9:00 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=26691

--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Szabolcs Nagy <nsz@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=238032ead6f34c41542890b968d973eb5c839673

commit 238032ead6f34c41542890b968d973eb5c839673
Author: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date:   Wed Dec 13 15:50:21 2017 +0000

    aarch64: enforce >=64K guard size [BZ #26691]

    There are several compiler implementations that allow large stack
    allocations to jump over the guard page at the end of the stack and
    corrupt memory beyond that. See CVE-2017-1000364.

    Compilers can emit code to probe the stack such that the guard page
    cannot be skipped, but on aarch64 the probe interval is 64K by default
    instead of the minimum supported page size (4K).

    This patch enforces at least 64K guard on aarch64 unless the guard
    is disabled by setting its size to 0.  For backward compatibility
    reasons the increased guard is not reported, so it is only observable
    by exhausting the address space or parsing /proc/self/maps on linux.

    On other targets the patch has no effect. If the stack probe interval
    is larger than a page size on a target then ARCH_MIN_GUARD_SIZE can
    be defined to get large enough stack guard on libc allocated stacks.

    The patch does not affect threads with user allocated stacks.

    Fixes bug 26691.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


* [Bug nptl/26691] Use a minimum guard size of 64 KiB on aarch64
From: fweimer at redhat dot com @ 2020-10-02  9:47 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=26691

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
                 CC|                            |fweimer at redhat dot com
   Target Milestone|---                         |2.33

--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Fixed for glibc 2.33.
