From: Tom H. <to...@co...> - 2005-11-08 09:41:50
In message <yek...@de...>
Tom Hughes <to...@co...> wrote:
> The problem is that the first mprotect has PROT_GROWSDOWN set and that
> causes mprotect to fail with EINVAL if the underlying VMA in the kernel
> doesn't have VM_GROWSDOWN set. The normal system provided stack does
> have that set, but our one doesn't and there is no way to set it from
> user space as far as I know.
>
> This isn't new in version 3 as far as I know - there are complaints
> about it with older versions I think.
>
> What PROT_GROWSDOWN does is to cause the kernel to round down the
> start address given to that of the underlying VMA and apply the
> protection specified to the whole area. In other words the stack
> extension area also gets those permissions.
The critical files to understand all this are mm/mprotect.c in the
kernel and sysdeps/unix/sysv/linux/dl-execstack.c in glibc.
The kernel provides PROT_GROWSDOWN and PROT_GROWSUP which round the
start/end address of mprotect to the start/end of the underlying vma
and glibc uses that as an easy way to change the protection of the
stack by calling mprotect on the last page of the stack with
PROT_GROWSDOWN set.
The sanity check provided by the kernel is that the vma must have
the VM_GROWSDOWN/VM_GROWSUP flag set as appropriate.
If that mprotect fails with EINVAL then glibc falls back to doing a
binary search to try and work out the size of the stack and change
its protection. Obviously your glibc is not doing that for some
reason - I have glibc 2.3.5 if that helps.
> I believe that the valgrind address space manager copies the
> permissions of the area being extended when extending into a
> reservation so we can probably just clear PROT_GROWSUP/PROT_GROWSDOWN
> when we are processing an extendable area.
It's a bit more complicated than that - we need to check that we
are working on an area with an appropriate reservation next to
it - much like the kernel checks for VM_GROWSDOWN - and then move
the start address and length as appropriate and clear the flag.
The attached patch seems to work for me - if it works for you as
well then I guess we can go with it.
Tom
--
Tom Hughes (to...@co...)
http://www.compton.nu/
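As an added illustration (not from the mail, nor from the Valgrind or glibc sources), the two outcomes described above: the same PROT_GROWSDOWN mprotect glibc's dl-execstack issues on the last page succeeds on the main-thread stack VMA (which has VM_GROWSDOWN) and fails with EINVAL on an ordinary anonymous mapping. It assumes Linux, the main thread, and the PROT_GROWSDOWN definition from <sys/mman.h> (with the Linux UAPI value as a fallback).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef PROT_GROWSDOWN
#define PROT_GROWSDOWN 0x01000000 /* Linux UAPI value, used only if the header hides it */
#endif

/* Mirror glibc's dl-execstack trick: mprotect one page with PROT_GROWSDOWN so the
 * kernel rounds the start down to the VMA's start and applies `prot` to the whole
 * area. Returns 0 on success, otherwise the errno mprotect reported. */
static int protect_whole_growsdown_vma(void *page, int prot)
{
    uintptr_t pagesize = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)page & ~(pagesize - 1);   /* page-align the address */
    if (mprotect((void *)start, pagesize, prot | PROT_GROWSDOWN) == 0)
        return 0;
    return errno;
}

/* Case 1: the main thread's stack VMA has VM_GROWSDOWN, so the call is accepted. */
int stack_case(void)
{
    volatile char probe = 0;                       /* lives in the main stack VMA */
    return protect_whole_growsdown_vma((void *)&probe, PROT_READ | PROT_WRITE);
}

/* Case 2: a plain anonymous mapping (like Valgrind's own client stack) has no
 * VM_GROWSDOWN, so the kernel's sanity check rejects the request with EINVAL. */
int mmap_case(void)
{
    size_t pagesize = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, 4 * pagesize, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    /* touch the last page of the mapping, as glibc does with the last stack page */
    int rc = protect_whole_growsdown_vma((char *)p + 3 * pagesize, PROT_READ | PROT_WRITE);
    munmap(p, 4 * pagesize);
    return rc;
}

int main(void)
{
    printf("stack VMA : rc=%d (0 expected)\n", stack_case());
    printf("mmap VMA  : rc=%d (EINVAL=%d expected)\n", mmap_case(), EINVAL);
    return 0;
}
```

The second case is exactly what a glibc without the binary-search fallback trips over when the "stack" is an mmap'd area rather than the kernel-provided one.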