From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752264AbdGETAW (ORCPT <rfc822;w@1wt.eu>);
        Wed, 5 Jul 2017 15:00:22 -0400
Received: from wtarreau.pck.nerim.net ([62.212.114.60]:54138 "EHLO 1wt.eu"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751772AbdGETAV (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 5 Jul 2017 15:00:21 -0400
Date: Wed, 5 Jul 2017 20:59:37 +0200
From: Willy Tarreau <w@1wt.eu>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Ben Hutchings <ben@decadent.org.uk>, Michal Hocko <mhocko@kernel.org>,
        Hugh Dickins <hughd@google.com>, Oleg Nesterov <oleg@redhat.com>,
        "Jason A. Donenfeld" <Jason@zx2c4.com>, Rik van Riel <riel@redhat.com>,
        Larry Woodman <lwoodman@redhat.com>,
        "Kirill A. Shutemov" <kirill@shutemov.name>,
        Tony Luck <tony.luck@intel.com>,
        "James E.J. Bottomley" <jejb@parisc-linux.org>,
        Helge Diller <deller@gmx.de>, James Hogan <james.hogan@imgtec.com>,
        Laura Abbott <labbott@redhat.com>, Greg KH <greg@kroah.com>,
        "security@kernel.org" <security@kernel.org>,
        Qualys Security Advisory <qsa@qualys.com>,
        LKML <linux-kernel@vger.kernel.org>, Ximin Luo <infinity0@debian.org>
Subject: Re: [PATCH] mm: larger stack guard gap, between vmas
Message-ID: <20170705185937.GB24459@1wt.eu>
References: <CA+55aFzMX72+Kb=zNgjCf6UfPt+C+e7WDp_rpbSLuOVx1k7iqg@mail.gmail.com>
 <20170704084122.GC14722@dhcp22.suse.cz>
 <20170704093538.GF14722@dhcp22.suse.cz>
 <20170704094728.GB22013@1wt.eu>
 <20170704104211.GG14722@dhcp22.suse.cz>
 <20170704113611.GA4732@decadent.org.uk>
 <1499209315.2707.29.camel@decadent.org.uk>
 <CA+55aFzjibuaV=GBZQN8KOaCpf1P3B1abJCYGaxEM9RVpf9fXg@mail.gmail.com>
 <1499257180.2707.34.camel@decadent.org.uk>
 <CA+55aFzV+CEtFhj-+t31249rcEud3DQqqY4fwJYsO3oT0RJ_PQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CA+55aFzV+CEtFhj-+t31249rcEud3DQqqY4fwJYsO3oT0RJ_PQ@mail.gmail.com>
User-Agent: Mutt/1.6.1 (2016-04-27)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jul 05, 2017 at 09:17:59AM -0700, Linus Torvalds wrote:
(...)
> The good news is that this is probably specialized enough that we can
> just keep the defaults as "will break this one case, but we give
> people the tools to work around it".
> 
> I hate doing that, but distros that still support 32-bit (which is
> apparently a shrinking number) can maybe hack the libreoffice launch
> scripts up?

Don't you think that the option of having a sysctl to relax the check
per task wouldn't be easier for distros and safer overall ? Ie, emit
a warning the first time the gap is hit instead of segfaulting, then
reduce it to something that used to work (4k or 64k, I don't remember)
and try again ? It would quickly report all these "special" programs
for end-user distros, without leaving too much room for attacks due
to the warning making it pretty obvious what's going on. I just don't
know how to place this stack gap per process but since this was already
discussed for prctl I think it's doable.

Willy