On 06/19/2017 01:45 PM, Jakub Jelinek wrote: > On Mon, Jun 19, 2017 at 01:04:57PM -0600, Jeff Law wrote: >> On 06/19/2017 11:50 AM, Joseph Myers wrote: >>> On Mon, 19 Jun 2017, Jeff Law wrote: >>> >>>> A key point to remember is that you can never have an allocation >>>> (potentially using more than one allocation site) which is larger than a >>>> page without probing the page. >>> >>> There's a platform ABI issue here. At least some kernel fixes for these >>> stack issues, as I understand it, increase the size of the stack guard to >>> more than a single page. It would be possible to define the ABI to >>> require such a larger guard for protection and so reduce the number of >>> (non-alloca/VLA-using) functions that need probes generated, depending on >>> whether a goal is to achieve security on kernels without such a fix. >>> (Thinking in terms of how to get to enabling such probes by default.) >> On 32 bit platforms we don't have a lot of address space left, so we >> have to be careful about creating too large of a guard. >> >> On 64 bit platforms we have a lot more freedom and I suspect larger >> guards, mandated by the ABI would be useful, if for no other reason than >> allowing us to allocate more stack without probing. A simple array of >> PATH_MAX characters triggers probing right now. I suspect (but didn't >> bother to confirm) that PATH_MAX array are what causes git to have so >> many large stacks. >> >> Also if we look at something like ppc and aarch64, we've currently got >> the PROBE_INTERVAL set to 4k. But in reality they're using much larger >> page sizes. So we could improve things there as well. > > ppc can use 4K, 16K, 64K or 256K pages, aarch64 4K, 16K or 64K. > So, unless the ABI (or some ABI extension for Linux) says that the guard > page is at least 16K or 64K on these arches (and unless glibc changes the > default pthread_attr_getguardsize - currently defaults everywhere to 1 > page), you can't rely on more than 4K there.While the hardware can use the > smaller pages ISTM that we can (and probably should) be clearer in the ABI. The current pagesize exported by the kernel on those targets is 16/32k IIRC.
jeff
