Date: Wed, 28 Aug 2019 10:35:26 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 239894] security.bsd.stack_guard_page default causes Java to crash Message-ID: <bug-239894-227-jUd3La7uCJ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-239894-227@https.bugs.freebsd.org/bugzilla/> References: <bug-239894-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239894 --- Comment #16 from Konstantin Belousov <kib@FreeBSD.org> --- (In reply to Greg Lewis from comment #15) To check that PROC_STACKGAP_CTL helps, please build kernel and world (or ju= st usr.sbin/proccontrol) with D21352 applied. Then you can run unmodified java binary like that: $ proccontrol -m stackgap -s disable java <args> and stack overflow detection should work same as before stack clash fixes. It if works, the best route would be to add procctl(PROC_STACKGAP_CTL, DISA= BLE) call at the beginning of the java vm initialization. WRT future work, I might add some code to outguess the need of the procctl(= 2), disabling gaps if mappings/mprotects are detected to fall into the gap area= to probably catch overflows. I am not big fan of this approach because it effectively disables clash protection, which is the reason why I did not implemented that already. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-239894-227-jUd3La7uCJ>