From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754507AbdKJWEk (ORCPT <rfc822;w@1wt.eu>);
        Fri, 10 Nov 2017 17:04:40 -0500
Received: from mail.kernel.org ([198.145.29.99]:51602 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1754100AbdKJWEf (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 10 Nov 2017 17:04:35 -0500
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D47D921986
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org
X-Google-Smtp-Source: AGs4zMba350n7aBDdCy5sRyNqQRxqGsWG49eG0zkgeHJd90Jga+7dlCxBdF1HzVoA13pHlf1yBtGK6NW1C5Qk/GBObk=
MIME-Version: 1.0
In-Reply-To: <a4f2bc2f-4d90-85fe-c0cc-d0d31551e933@marcan.st>
References: <c6603960-c155-8f9f-6458-38e9ba6d4bdd@marcan.st>
 <CALCETrXhUdMNfC0yBah39Z=xWVe3Fix-qF922gJjqzTO1B7TSA@mail.gmail.com>
 <06a4b0b4-4b36-91b6-d146-9fc1300b785f@marcan.st> <a4f2bc2f-4d90-85fe-c0cc-d0d31551e933@marcan.st>
From: Andy Lutomirski <luto@kernel.org>
Date: Fri, 10 Nov 2017 14:04:13 -0800
X-Gmail-Original-Message-ID: <CALCETrVd-f-N=O6QmtdzS7oSVkXpsJhxH+=9+0fvfFmy5Cz3WQ@mail.gmail.com>
Message-ID: <CALCETrVd-f-N=O6QmtdzS7oSVkXpsJhxH+=9+0fvfFmy5Cz3WQ@mail.gmail.com>
Subject: Re: [kernel-hardening] Re: vDSO maximum stack usage, stack probes,
 and -fstack-check
To: "Hector Martin 'marcan'" <marcan@marcan.st>
Cc: LKML <linux-kernel@vger.kernel.org>,
        "kernel-hardening@lists.openwall.com" 
        <kernel-hardening@lists.openwall.com>,
        X86 ML <x86@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

> On Nov 10, 2017, at 8:36 AM, Hector Martin 'marcan' <marcan@marcan.st> wrote:
>
>> On 2017-11-11 01:02, Hector Martin 'marcan' wrote:
>> Not entirely sure what's going on here.
>
> Actually, if you think about it, it doesn't matter that it skips the
> first page, since it's probing one page more. That just means the caller
> will have probed the previous page. So ultimately you're just probing
> ahead of where you need to, but that should be OK.
>

The whole point is to touch the stack pages in order.  Also, I see no
guarantee that the function would touch the intermediate page before
clobbering the probed page.  You're seeing exactly that behavior, in
fact.

> --
> Hector Martin "marcan" (marcan@marcan.st)
> Public Key: https://mrcn.st/pub