From: Cy Schubert
To: Marcin Wojtas
cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: Re: git: 889b56c8cd84 - main - setrlimit: Take stack gap into account.
In-reply-to: <202110150823.19F8NEr9047194@gitrepo.freebsd.org>
Message-Id: <202110161602.19GG2FYs004292@slippy.cwsent.com>
Date: Sat, 16 Oct 2021 09:02:15 -0700
List-Id: Commit messages for the main branch of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main

In message <202110150823.19F8NEr9047194@gitrepo.freebsd.org>, Marcin Wojtas writes:
> The branch main has been updated by mw:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=889b56c8cd84c9a9f2d9e3b019c154d6f14d9021
>
> commit 889b56c8cd84c9a9f2d9e3b019c154d6f14d9021
> Author: Dawid Gorecki
> AuthorDate: 2021-10-13 19:01:08 +0000
> Commit: Marcin Wojtas
> CommitDate: 2021-10-15 08:21:47 +0000
>
>     setrlimit: Take stack gap into account.
>
>     Calling setrlimit with stack gap enabled and with low values of stack
>     resource limit often caused the program to abort immediately after
>     exiting the syscall. This happened due to the fact that the resource
>     limit was calculated assuming that the stack started at sv_usrstack,
>     while with stack gap enabled the stack is moved by a random number
>     of bytes.
>
>     Save information about stack size in struct vmspace and adjust the
>     rlim_cur value. If the rlim_cur and stack gap is bigger than rlim_max,
>     then the value is truncated to rlim_max.
>
>     PR: 253208
>     Reviewed by: kib
>     Obtained from: Semihalf
>     Sponsored by: Stormshield
>     MFC after: 1 month
>     Differential Revision: https://reviews.freebsd.org/D31516
> ---
> sys/kern/imgact_elf.c | 5 +++--
> sys/kern/kern_exec.c | 11 ++++++++---
> sys/kern/kern_resource.c | 3 +++
> sys/sys/imgact_elf.h | 2 +-
> sys/sys/sysent.h | 2 +-
> sys/vm/vm_map.c | 2 ++
> sys/vm/vm_map.h | 1 +
> 7 files changed, 19 insertions(+), 7 deletions(-)
>
> diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c > index ef1edfcabaf0..898f0f66a532 100644 > --- a/sys/kern/imgact_elf.c > +++ b/sys/kern/imgact_elf.c 
> @@ -2684,7 +2684,7 @@ __elfN(untrans_prot)(vm_prot_t prot) > return (flags); > } > > -void > +vm_size_t > __elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base) > { > uintptr_t range, rbase, gap; > @@ -2692,7 +2692,7 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t * > stack_base) > > pct = __elfN(aslr_stack_gap); > if (pct == 0) > - return; > + return (0); > if (pct > 50) > pct = 50; > range = imgp->eff_stack_sz * pct / 100; > @@ -2700,4 +2700,5 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t * > stack_base) > gap = rbase % range; > gap &= ~(sizeof(u_long) - 1); > *stack_base -= gap; > + return (gap); > } > diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c > index 50e75fda6cfb..9dceebdd8441 100644 > --- a/sys/kern/kern_exec.c > +++ b/sys/kern/kern_exec.c > @@ -1148,6 +1148,7 @@ exec_new_vmspace(struct image_params *imgp, struct syse > ntvec *sv) > stack_prot, error, vm_mmap_to_errno(error)); > return (vm_mmap_to_errno(error)); > } > + vmspace->vm_stkgap = 0; > > /* > * vm_ssize and vm_maxsaddr are somewhat antiquated concepts, but they > @@ -1493,12 +1494,16 @@ exec_args_get_begin_envv(struct image_args *args) > void > exec_stackgap(struct image_params *imgp, uintptr_t *dp) > { > + struct proc *p = imgp->proc; > + > if (imgp->sysent->sv_stackgap == NULL || > - (imgp->proc->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | > + (p->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | > NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 || > - (imgp->map_flags & MAP_ASLR) == 0) > + (imgp->map_flags & MAP_ASLR) == 0) { > + p->p_vmspace->vm_stkgap = 0; > return; > - imgp->sysent->sv_stackgap(imgp, dp); > + } > + p->p_vmspace->vm_stkgap = imgp->sysent->sv_stackgap(imgp, dp); > } > > /* > diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c > index 4c62961e1bc4..b556d4fded51 100644 > --- a/sys/kern/kern_resource.c > +++ b/sys/kern/kern_resource.c 
> @@ -671,6 +671,9 @@ kern_proc_setrlimit(struct thread *td, struct proc *p, u_ > int which, > if (limp->rlim_max < 0) > limp->rlim_max = RLIM_INFINITY; > > + if (which == RLIMIT_STACK && limp->rlim_cur != RLIM_INFINITY) > + limp->rlim_cur += p->p_vmspace->vm_stkgap; > + > oldssiz.rlim_cur = 0; > newlim = lim_alloc(); > PROC_LOCK(p); > diff --git a/sys/sys/imgact_elf.h b/sys/sys/imgact_elf.h > index 97383c6eeeb8..294f17c87b6f 100644 > --- a/sys/sys/imgact_elf.h > +++ b/sys/sys/imgact_elf.h > @@ -118,7 +118,7 @@ int __elfN(remove_brand_entry)(Elf_Brandinfo *entry > ); > int __elfN(freebsd_fixup)(uintptr_t *, struct image_params *); > int __elfN(coredump)(struct thread *, struct vnode *, off_t, int); > size_t __elfN(populate_note)(int, void *, void *, size_t, void **); > -void __elfN(stackgap)(struct image_params *, uintptr_t *); > +vm_size_t __elfN(stackgap)(struct image_params *, uintptr_t *); > int __elfN(freebsd_copyout_auxargs)(struct image_params *, uintptr_t); > void __elfN(puthdr)(struct thread *, void *, size_t, int, size_t, int); > void __elfN(prepare_notes)(struct thread *, struct note_info_list *, > diff --git a/sys/sys/sysent.h b/sys/sys/sysent.h > index ad50bf56e87d..ea96c87a79af 100644 > --- a/sys/sys/sysent.h > +++ b/sys/sys/sysent.h > @@ -119,7 +119,7 @@ struct sysentvec { > void (*sv_elf_core_prepare_notes)(struct thread *, > struct note_info_list *, size_t *); > int (*sv_imgact_try)(struct image_params *); > - void (*sv_stackgap)(struct image_params *, uintptr_t *); > + vm_size_t (*sv_stackgap)(struct image_params *, uintptr_t *); > int (*sv_copyout_auxargs)(struct image_params *, > uintptr_t); > int sv_minsigstksz; /* minimum signal stack size */ > diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c > index 1ac4ccf72f11..87a290b998b9 100644 > --- a/sys/vm/vm_map.c > +++ b/sys/vm/vm_map.c 
> @@ -343,6 +343,7 @@ vmspace_alloc(vm_offset_t min, vm_offset_t max, pmap_pini > t_t pinit) > vm->vm_taddr = 0; > vm->vm_daddr = 0; > vm->vm_maxsaddr = 0; > + vm->vm_stkgap = 0; > return (vm); > } > > @@ -4265,6 +4266,7 @@ vmspace_fork(struct vmspace *vm1, vm_ooffset_t *fork_ch > arge) > vm2->vm_taddr = vm1->vm_taddr; > vm2->vm_daddr = vm1->vm_daddr; > vm2->vm_maxsaddr = vm1->vm_maxsaddr; > + vm2->vm_stkgap = vm1->vm_stkgap; > vm_map_lock(old_map); > if (old_map->busy) > vm_map_wait_busy(old_map); > diff --git a/sys/vm/vm_map.h b/sys/vm/vm_map.h > index ace205b21b42..873ff62eec4a 100644 > --- a/sys/vm/vm_map.h > +++ b/sys/vm/vm_map.h > @@ -293,6 +293,7 @@ struct vmspace { > caddr_t vm_taddr; /* (c) user virtual address of text */ > caddr_t vm_daddr; /* (c) user virtual address of data */ > caddr_t vm_maxsaddr; /* user VA at max stack growth */ > + vm_size_t vm_stkgap; /* stack gap size in bytes */ > u_int vm_refcnt; /* number of references */ > /* > * Keep the PMAP last, so that CPU-specific variations of that >

Is it possible to have a __FreeBSD_version bump for ports?

-- 
Cheers,
Cy Schubert
FreeBSD UNIX: Web: https://FreeBSD.org
NTP: Web: https://nwtime.org

The need of the many outweighs the greed of the few.
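
Review bot: In the last sys/kern/imgact_elf.c hunk, the context line `gap = rbase % range;` has no guard for range == 0, and range comes from `imgp->eff_stack_sz * pct / 100`, which rounds down to zero whenever the product is below 100. Since this change is about small stack limits, it is worth confirming that eff_stack_sz has a lower bound at this point, or returning 0 early when range is 0. A one-line comment that the return value is the gap in bytes, with 0 meaning no gap was applied, would also help callers of sv_stackgap.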
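
Review bot: In the sys/kern/kern_resource.c hunk, `limp->rlim_cur += p->p_vmspace->vm_stkgap;` has no bound check next to it, although the commit message says the sum is truncated to rlim_max. If the truncation relies on a comparison further down in kern_proc_setrlimit(), a short comment here saying so would help; if not, compare rlim_cur against rlim_max minus vm_stkgap before the add so the sum can neither exceed rlim_max nor wrap. The read of p->p_vmspace also sits above `PROC_LOCK(p);`, which deserves a second look for callers where p is not the calling process.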
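
Review bot: In the sys/vm/vm_map.h hunk, vm_stkgap is inserted between vm_maxsaddr and vm_refcnt, which shifts the offset of vm_refcnt and of everything after it in struct vmspace. Code built against the old layout would read the wrong fields, so a __FreeBSD_version bump should go in with this change, as the reply asks. The new member also has no locking annotation, while vm_taddr and vm_daddr above it carry (c).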
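
The arithmetic behind the commit message quoted above, as an added user-space model in C; it is not FreeBSD kernel code and not part of the original mail. The function names, `MODEL_RLIM_INFINITY`, the `range == 0` guard, the overflow-safe clamp and the sample sizes are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

#define MODEL_RLIM_INFINITY INT64_MAX	/* stand-in for RLIM_INFINITY */

/* Gap arithmetic from the quoted __elfN(stackgap) hunk. rbase stands in for
 * the kernel's random value; the range == 0 guard is this model's own. */
uint64_t model_stackgap(uint64_t eff_stack_sz, int pct, uint64_t rbase)
{
	uint64_t range, gap;
	if (pct == 0)
		return 0;
	if (pct > 50)
		pct = 50;
	range = eff_stack_sz * (uint64_t)pct / 100;
	if (range == 0)
		return 0;
	gap = rbase % range;
	gap &= ~(uint64_t)(sizeof(unsigned long) - 1);
	return gap;
}

/* Simplified model: the limit is counted from the top of the stack region,
 * but the stack starts gap bytes lower, so this much is left to grow into. */
int64_t usable_stack(int64_t rlim_cur, uint64_t gap)
{
	return rlim_cur - (int64_t)gap;
}

/* Adjustment described in the commit message: add the gap to rlim_cur and
 * truncate to rlim_max, written so the addition cannot overflow. */
int64_t adjust_rlim_cur(int64_t rlim_cur, int64_t rlim_max, uint64_t gap)
{
	if (rlim_cur == MODEL_RLIM_INFINITY)
		return rlim_cur;
	if ((uint64_t)rlim_max < gap || rlim_cur > rlim_max - (int64_t)gap)
		return rlim_max;
	return rlim_cur + (int64_t)gap;
}

int main(void)
{
	/* Constructed sample: 512 MiB stack region, 3% gap, fixed "random" value. */
	uint64_t gap = model_stackgap(512ULL << 20, 3, 0x12345678);
	int64_t lim = 8LL << 20;	/* caller asks for an 8 MiB stack limit */
	int64_t adj = adjust_rlim_cur(lim, MODEL_RLIM_INFINITY, gap);
	printf("gap=%llu before=%lld after=%lld\n", (unsigned long long)gap,
	    (long long)usable_stack(lim, gap), (long long)usable_stack(adj, gap));
	return 0;
}
```

With these sample values the unadjusted limit leaves a negative amount of usable stack, which is the immediate abort the commit message describes; after the adjustment the caller gets the 8 MiB it asked for unless rlim_max cuts the sum short.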