diff mbox series

parisc: fix inability to allocate stack pages on exec

Message ID ccadf5d7-e22a-ab5b-21e8-18a788251845@redhat.com (mailing list archive)
State New
Headers show
Series parisc: fix inability to allocate stack pages on exec | expand

Commit Message

Mikulas Patocka July 3, 2023, 7:58 p.m. UTC
Hi

The patch 8d7071af8907 ("mm: always expand the stack with the mmap write 
lock held") breaks PA-RISC.

The breakage happens if we attempt to pass more arguments to execve than 
what fits into the initial stack page - we get -E2BIG in such a case.

The reason for the breakage is that the commit 8d7071af8907 adds the test 
"if (!(vma->vm_flags & VM_GROWSDOWN)) return -EFAULT;" to the function 
expand_downwards.

expand_downwards is called from get_arg_page to allocate initial stack 
pages. With the added test for VM_GROWSDOWN, it is not able to allocate 
any pages on PA-RISC at all, and execve fails as soon as it tries to 
allocate a stack page.

The bug can be fixed by dropping the test for VM_GROWSDOWN from 
expand_downwards.

Fixes: 8d7071af8907 ("mm: always expand the stack with the mmap write lock held")
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@vger.kernel.org	# v6.4

---
 mm/mmap.c |    3 ---
 1 file changed, 3 deletions(-)

Comments

Linus Torvalds July 3, 2023, 8:06 p.m. UTC | #1
On Mon, 3 Jul 2023 at 12:59, Mikulas Patocka <mpatocka@redhat.com> wrote:
>
> The patch 8d7071af8907 ("mm: always expand the stack with the mmap write
> lock held") breaks PA-RISC.
>
> The breakage happens if we attempt to pass more arguments to execve than
> what fits into the initial stack page - we get -E2BIG in such a case.
>
> The reason for the breakage is that the commit 8d7071af8907 adds the test
> "if (!(vma->vm_flags & VM_GROWSDOWN)) return -EFAULT;" to the function
> expand_downwards.

Heh. See

   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f66066bc5136f25e36a2daff4896c768f18c211e

which fixes this differently (and, I think, much better).

Just removing the VM_GROWSDOWN test will actually break some of the other users.

Notably the new and improved expand_stack() function that now handles
all the complicated *cough*ia64*cough* cases automatically, which
allowed unifying the page fault handling code around this area.

              Linus
Mikulas Patocka July 3, 2023, 8:40 p.m. UTC | #2
On Mon, 3 Jul 2023, Linus Torvalds wrote:

> On Mon, 3 Jul 2023 at 12:59, Mikulas Patocka <mpatocka@redhat.com> wrote:
> >
> > The patch 8d7071af8907 ("mm: always expand the stack with the mmap write
> > lock held") breaks PA-RISC.
> >
> > The breakage happens if we attempt to pass more arguments to execve than
> > what fits into the initial stack page - we get -E2BIG in such a case.
> >
> > The reason for the breakage is that the commit 8d7071af8907 adds the test
> > "if (!(vma->vm_flags & VM_GROWSDOWN)) return -EFAULT;" to the function
> > expand_downwards.
> 
> Heh. See
> 
>    https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f66066bc5136f25e36a2daff4896c768f18c211e
> 
> which fixes this differently (and, I think, much better).
> 
> Just removing the VM_GROWSDOWN test will actually break some of the other users.
> 
> Notably the new and improved expand_stack() function that now handles
> all the complicated *cough*ia64*cough* cases automatically, which
> allowed unifying the page fault handling code around this area.
> 
>               Linus

Yes - I confirm that this fixes it.

(please, also send this patch to Greg, so that it will be included in 
6.4.2)

Mikulas
Linus Torvalds July 3, 2023, 8:42 p.m. UTC | #3
On Mon, 3 Jul 2023 at 13:40, Mikulas Patocka <mpatocka@redhat.com> wrote:
>
> (please, also send this patch to Greg, so that it will be included in
> 6.4.2)

Already part of the -rc1 review commits

    https://lore.kernel.org/lkml/20230703184519.261119397@linuxfoundation.org/

Thanks,

            Linus
diff mbox series

Patch

Index: linux-6.4.1/mm/mmap.c
===================================================================
--- linux-6.4.1.orig/mm/mmap.c	2023-07-03 18:17:35.000000000 +0200
+++ linux-6.4.1/mm/mmap.c	2023-07-03 21:22:44.000000000 +0200
@@ -2036,9 +2036,6 @@  int expand_downwards(struct vm_area_stru
 	struct vm_area_struct *prev;
 	int error = 0;
 
-	if (!(vma->vm_flags & VM_GROWSDOWN))
-		return -EFAULT;
-
 	address &= PAGE_MASK;
 	if (address < mmap_min_addr || address < FIRST_USER_ADDRESS)
 		return -EPERM;