From nobody Thu Dec 30 15:36:37 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id DE351191DA9C; Thu, 30 Dec 2021 15:36:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JPsnd4Vzsz3s24; Thu, 30 Dec 2021 15:36:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7AA481B0C5; Thu, 30 Dec 2021 15:36:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BUFabS3011017; Thu, 30 Dec 2021 15:36:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BUFabno011016; Thu, 30 Dec 2021 15:36:37 GMT (envelope-from git) Date: Thu, 30 Dec 2021 15:36:37 GMT Message-Id: <202112301536.1BUFabno011016@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Marcin Wojtas Subject: git: 16a900ae0242 - stable/13 - setrlimit: Take stack gap into account. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mw X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 16a900ae02427e6ab3c91282847eba553f4dcd89 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1640878597; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kom3O7dC4glL1DtKybEBAunroR/4abh3yZ4nuV91Ub4=; b=VvxiBWkeNoU/c7LLtL+XjCcgecAG4cFarzzXB3C16NztLS5E37ROy4TMlhTDrJ3XlfFirG af9UpRlMUpBe6OBHW634/BudCjYAj12UmmmXG2+hVfU+Dqdmu6Jy0rznOZDSZ5YdbhdBkW 8KBH4R17RmJ5rdwRqaTB1ShC0/d7n+ZdkPj74PNUP9+FMwwI4tenbWbw21VMyZRxgwB+7l aQVKg9xZyVHY/QC5qJ+QbV1bUT2YX2M8aYn+tr0HKet/f9/JQFip9qlEnPUOiuVaAgURn9 E+pbQO/EKfH1dhhfOCQwu1wblKEWjafiDQrNm4mycTDujF1dgk9mKH354WFn6g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1640878597; a=rsa-sha256; cv=none; b=DSoXq30jUQbN3VsEYf/vukV5cZjnYSIA9wEvQn0KbJZw70Og2AMYXxurO/tFXu89gcHUrT 2+4oKUeQ2Zc3sfsvrscDsDNezX7BM44cyKL5kbFqhNSWCjv9tEuZFpRwLX89PRzLMNROTv NhN2qNeC2wCfuhk+QDedFbJZH7K6lzGDs3uo1w45+4Yfx/pin9LYGDsbhrdI6ZliNxYox4 aCSDBIeL6vJlqTmuJoKVLLbjmV2dGd0Gji0Ex5iecj12k1VMFn+g9mYo5chEYlLMZf/kDt oX9BsH35tQljV7DZUuvgEf3IjIAjBFdE7o1oxEAfcW8IcOs/9+aXTc2JMvzp4A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by mw: URL: https://cgit.FreeBSD.org/src/commit/?id=16a900ae02427e6ab3c91282847eba553f4dcd89 commit 16a900ae02427e6ab3c91282847eba553f4dcd89 Author: Dawid Gorecki AuthorDate: 2021-10-13 19:01:08 +0000 Commit: Marcin Wojtas CommitDate: 2021-12-30 15:24:59 +0000 setrlimit: Take stack gap into account. Calling setrlimit with stack gap enabled and with low values of stack resource limit often caused the program to abort immediately after exiting the syscall. This happened due to the fact that the resource limit was calculated assuming that the stack started at sv_usrstack, while with stack gap enabled the stack is moved by a random number of bytes. Save information about stack size in struct vmspace and adjust the rlim_cur value. If the rlim_cur and stack gap is bigger than rlim_max, then the value is truncated to rlim_max. PR: 253208 Reviewed by: kib Obtained from: Semihalf Sponsored by: Stormshield MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D31516 (cherry picked from commit 889b56c8cd84c9a9f2d9e3b019c154d6f14d9021) --- sys/kern/imgact_elf.c | 5 +++-- sys/kern/kern_exec.c | 11 ++++++++--- sys/kern/kern_resource.c | 3 +++ sys/sys/imgact_elf.h | 2 +- sys/sys/sysent.h | 2 +- sys/vm/vm_map.c | 2 ++ sys/vm/vm_map.h | 1 + 7 files changed, 19 insertions(+), 7 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 567c1094bfdc..102863026a9a 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -2892,7 +2892,7 @@ __elfN(untrans_prot)(vm_prot_t prot) return (flags); } -void +vm_size_t __elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base) { uintptr_t range, rbase, gap; @@ -2900,7 +2900,7 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base) pct = __elfN(aslr_stack_gap); if (pct == 0) - return; + return (0); if (pct > 50) pct = 50; range = imgp->eff_stack_sz * pct / 100; @@ -2908,4 +2908,5 @@ __elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base) gap = rbase % range; gap &= ~(sizeof(u_long) - 1); *stack_base -= gap; + return (gap); } diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 246d72234a29..a6f333eec9e2 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1224,6 +1224,7 @@ exec_new_vmspace(struct image_params *imgp, struct sysentvec *sv) stack_prot, error, vm_mmap_to_errno(error)); return (vm_mmap_to_errno(error)); } + vmspace->vm_stkgap = 0; /* * vm_ssize and vm_maxsaddr are somewhat antiquated concepts, but they @@ -1634,12 +1635,16 @@ exec_args_get_begin_envv(struct image_args *args) void exec_stackgap(struct image_params *imgp, uintptr_t *dp) { + struct proc *p = imgp->proc; + if (imgp->sysent->sv_stackgap == NULL || - (imgp->proc->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | + (p->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE | NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 || - (imgp->map_flags & MAP_ASLR) == 0) + (imgp->map_flags & MAP_ASLR) == 0) { + p->p_vmspace->vm_stkgap = 0; return; - imgp->sysent->sv_stackgap(imgp, dp); + } + p->p_vmspace->vm_stkgap = imgp->sysent->sv_stackgap(imgp, dp); } /* diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index 0ea863917727..ed15f02eedbc 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -672,6 +672,9 @@ kern_proc_setrlimit(struct thread *td, struct proc *p, u_int which, if (limp->rlim_max < 0) limp->rlim_max = RLIM_INFINITY; + if (which == RLIMIT_STACK && limp->rlim_cur != RLIM_INFINITY) + limp->rlim_cur += p->p_vmspace->vm_stkgap; + oldssiz.rlim_cur = 0; newlim = lim_alloc(); PROC_LOCK(p); diff --git a/sys/sys/imgact_elf.h b/sys/sys/imgact_elf.h index ca95798c7288..b4e8d8d42980 100644 --- a/sys/sys/imgact_elf.h +++ b/sys/sys/imgact_elf.h @@ -106,7 +106,7 @@ int __elfN(remove_brand_entry)(Elf_Brandinfo *entry); int __elfN(freebsd_fixup)(uintptr_t *, struct image_params *); int __elfN(coredump)(struct thread *, struct vnode *, off_t, int); size_t __elfN(populate_note)(int, void *, void *, size_t, void **); -void __elfN(stackgap)(struct image_params *, uintptr_t *); +vm_size_t __elfN(stackgap)(struct image_params *, uintptr_t *); int __elfN(freebsd_copyout_auxargs)(struct image_params *, uintptr_t); /* Machine specific function to dump per-thread information. */ diff --git a/sys/sys/sysent.h b/sys/sys/sysent.h index 3e87bc7c3744..d95ea5cd9038 100644 --- a/sys/sys/sysent.h +++ b/sys/sys/sysent.h @@ -114,7 +114,7 @@ struct sysentvec { int (*sv_coredump)(struct thread *, struct vnode *, off_t, int); /* function to dump core, or NULL */ int (*sv_imgact_try)(struct image_params *); - void (*sv_stackgap)(struct image_params *, uintptr_t *); + vm_size_t (*sv_stackgap)(struct image_params *, uintptr_t *); int (*sv_copyout_auxargs)(struct image_params *, uintptr_t); int sv_minsigstksz; /* minimum signal stack size */ diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c index 1ac4ccf72f11..87a290b998b9 100644 --- a/sys/vm/vm_map.c +++ b/sys/vm/vm_map.c @@ -343,6 +343,7 @@ vmspace_alloc(vm_offset_t min, vm_offset_t max, pmap_pinit_t pinit) vm->vm_taddr = 0; vm->vm_daddr = 0; vm->vm_maxsaddr = 0; + vm->vm_stkgap = 0; return (vm); } @@ -4265,6 +4266,7 @@ vmspace_fork(struct vmspace *vm1, vm_ooffset_t *fork_charge) vm2->vm_taddr = vm1->vm_taddr; vm2->vm_daddr = vm1->vm_daddr; vm2->vm_maxsaddr = vm1->vm_maxsaddr; + vm2->vm_stkgap = vm1->vm_stkgap; vm_map_lock(old_map); if (old_map->busy) vm_map_wait_busy(old_map); diff --git a/sys/vm/vm_map.h b/sys/vm/vm_map.h index ace205b21b42..873ff62eec4a 100644 --- a/sys/vm/vm_map.h +++ b/sys/vm/vm_map.h @@ -293,6 +293,7 @@ struct vmspace { caddr_t vm_taddr; /* (c) user virtual address of text */ caddr_t vm_daddr; /* (c) user virtual address of data */ caddr_t vm_maxsaddr; /* user VA at max stack growth */ + vm_size_t vm_stkgap; /* stack gap size in bytes */ u_int vm_refcnt; /* number of references */ /* * Keep the PMAP last, so that CPU-specific variations of that