[linux] 03/03: [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Sat Dec 9 18:35:45 UTC 2017 

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch wheezy-security
in repository linux.

commit fab7d28a853e05c812dfc51d2cec20a4f3fedf9c
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Thu Nov 30 01:06:55 2017 +0000

    [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility
    
    Closes: #865303
---
 debian/changelog                                   |  3 ++
 ...xception-to-the-stack-gap-for-hotspot-jvm.patch | 45 ++++++++++++++++++++++
 ...p-remember-the-map_fixed-flag-as-vm_fixed.patch | 43 +++++++++++++++++++++
 debian/patches/series                              |  2 +
 4 files changed, 93 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 69da2c8..411806e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -215,6 +215,9 @@ linux (3.2.96-1) UNRELEASED; urgency=medium
   * [rt] Update to 3.2.95-rt133
   * dm: Avoid ABI change in 3.2.95
   * mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
+  * mmap: Remember the MAP_FIXED flag as VM_FIXED
+  * [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility
+    (Closes: #865303)
 
  -- Ben Hutchings <ben at decadent.org.uk>  Sun, 26 Nov 2017 20:43:54 +0000
 
diff --git a/debian/patches/bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch b/debian/patches/bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch
new file mode 100644
index 0000000..78a6c1b
--- /dev/null
+++ b/debian/patches/bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch
@@ -0,0 +1,45 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Date: Thu, 30 Nov 2017 00:29:18 +0000
+Subject: mmap: Add an exception to the stack gap for Hotspot JVM compatibility
+Bug-Debian: https://bugs.debian.org/865303
+
+The Hotspot JVM can easily exhaust the default stack, and has a
+SIGSEGV handler to cope with this by switching to a new stack segment.
+
+However, on i386 it creates a single writable and executable page just
+under the stack limit as a workaround for a bug in Exec Shield.  That
+together with the enlarged stack gap causes the SIGSEGV handler to be
+triggered when the stack pointer is further away from the stack limit,
+and it doesn't recognise this as being a stack overflow.
+
+This specifically affects programs that use JNI.  Hotspot doesn't
+normally run Java code on the initial thread.
+
+Reduce the effective stack guard gap on x86 if the previous vma is
+a single page allocated as MAP_FIXED.
+
+References: https://bugs.debian.org/865303
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+ mm/mmap.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+--- a/mm/mmap.c
++++ b/mm/mmap.c
+@@ -1788,6 +1788,16 @@ int expand_downwards(struct vm_area_stru
+ 	/* Check that both stack segments have the same anon_vma? */
+ 	if (prev && !(prev->vm_flags & VM_GROWSDOWN) &&
+ 			(prev->vm_flags & (VM_WRITE|VM_READ|VM_EXEC))) {
++		/*
++		 * bwh: Reduce the stack guard gap if this looks like
++		 * Hotspot JVM craziness - see Debian bug #865303
++		 */
++		if (IS_ENABLED(CONFIG_X86) && (prev->vm_flags & VM_FIXED) &&
++		    prev->vm_end - prev->vm_start == PAGE_SIZE) {
++			if (address - prev->vm_end <
++			    min(stack_guard_gap, 4UL << PAGE_SHIFT))
++				return -ENOMEM;
++		} else
+ 		if (address - prev->vm_end < stack_guard_gap)
+ 			return -ENOMEM;
+ 	}
diff --git a/debian/patches/bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch b/debian/patches/bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch
new file mode 100644
index 0000000..6ba54f1
--- /dev/null
+++ b/debian/patches/bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch
@@ -0,0 +1,43 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Date: Wed, 5 Jul 2017 13:32:43 +0100
+Subject: mmap: Remember the MAP_FIXED flag as VM_FIXED
+
+Backport to 3.2: there are no spare bits, but we can share with VM_SAO
+as that's only used on powerpc and VM_FIXED will only be needed on
+x86.
+
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+ include/linux/mm.h   | 1 +
+ include/linux/mman.h | 3 ++-
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+--- a/include/linux/mm.h
++++ b/include/linux/mm.h
+@@ -115,7 +115,13 @@ extern unsigned int kobjsize(const void
+ 
+ #define VM_CAN_NONLINEAR 0x08000000	/* Has ->fault & does nonlinear pages */
+ #define VM_MIXEDMAP	0x10000000	/* Can contain "struct page" and pure PFN pages */
++#ifdef CONFIG_PPC
+ #define VM_SAO		0x20000000	/* Strong Access Ordering (powerpc) */
++#define VM_FIXED	0x00000000
++#else
++#define VM_SAO		0x00000000
++#define VM_FIXED	0x20000000	/* Allocated at fixed address */
++#endif
+ #define VM_PFN_AT_MMAP	0x40000000	/* PFNMAP vma that is fully mapped at mmap time */
+ #define VM_MERGEABLE	0x80000000	/* KSM may merge identical pages */
+ 
+--- a/include/linux/mman.h
++++ b/include/linux/mman.h
+@@ -87,7 +87,9 @@ calc_vm_flag_bits(unsigned long flags)
+ 	return _calc_vm_trans(flags, MAP_GROWSDOWN,  VM_GROWSDOWN ) |
+ 	       _calc_vm_trans(flags, MAP_DENYWRITE,  VM_DENYWRITE ) |
+ 	       _calc_vm_trans(flags, MAP_EXECUTABLE, VM_EXECUTABLE) |
+-	       _calc_vm_trans(flags, MAP_LOCKED,     VM_LOCKED    );
++	       _calc_vm_trans(flags, MAP_LOCKED,     VM_LOCKED    ) |
++	       (VM_FIXED ?
++		_calc_vm_trans(flags, MAP_FIXED,     VM_FIXED     ) : 0);
+ }
+ #endif /* __KERNEL__ */
+ #endif /* _LINUX_MMAN_H */
diff --git a/debian/patches/series b/debian/patches/series
index 8166a39..875d273 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -107,6 +107,8 @@ bugfix/all/kbuild-Fix-missing-n-for-NEW-symbols-in-yes-make-old.patch
 bugfix/all/netfilter-ipv4-defrag-set-local_df-flag-on-defragmen.patch
 bugfix/all/mm-add-pte_present-check-on-existing-hugetlb_entry-c.patch
 bugfix/all/mm-mmap.c-expand_downwards-don-t-require-the-gap-if-.patch
+bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch
+bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch
 
 # Miscellaneous features
 features/all/hwmon-it87-Add-IT8728F-support.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list