diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2013-02-27 16:36:04 (GMT) |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-03-03 22:03:31 (GMT) |
| commit | 00243dda62e27a3a0e9ca8c4017622b3fb35676f (patch) | |
| tree | caa3f2046581f7b1b731b93f2afc08f34d7cf69e /drivers/watchdog | |
| parent | 4c91a0e718837dddb8c06d5618c13d3b9fe68419 (diff) | |
| download | linux-fsl-qoriq-00243dda62e27a3a0e9ca8c4017622b3fb35676f.tar.xz | |
mm: do not grow the stack vma just because of an overrun on preceding vma
commit 09884964335e85e897876d17783c2ad33cf8a2e0 upstream.
The stack vma is designed to grow automatically (marked with VM_GROWSUP
or VM_GROWSDOWN depending on architecture) when an access is made beyond
the existing boundary. However, particularly if you have not limited
your stack at all ("ulimit -s unlimited"), this can cause the stack to
grow even if the access was really just one past *another* segment.
And that's wrong, especially since we first grow the segment, but then
immediately later enforce the stack guard page on the last page of the
segment. So _despite_ first growing the stack segment as a result of
the access, the kernel will then make the access cause a SIGSEGV anyway!
So do the same logic as the guard page check does, and consider an
access to within one page of the next segment to be a bad access, rather
than growing the stack to abut the next segment.
Reported-and-tested-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/watchdog')
0 files changed, 0 insertions, 0 deletions