mirror of
https://sourceware.org/git/glibc.git
synced 2025-01-18 22:50:07 +00:00
17cef890c9
Replace _SC_MINSIGSTKSZ with _SC_SIGSTKSZ since sysconf (_SC_MINSIGSTKSZ) returns the minimum number of bytes of free stack space required in order to guarantee successful, non-nested handling of a single signal whose handler is an empty function while sysconf (_SC_SIGSTKSZ) returns the suggested minimum number of bytes of stack space required for a signal stack. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
84 lines
3.3 KiB
C
84 lines
3.3 KiB
C
/* Allocate a stack suitable to be used with xclone or xsigaltstack.
|
|
Copyright (C) 2021 Free Software Foundation, Inc.
|
|
This file is part of the GNU C Library.
|
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 2.1 of the License, or (at your option) any later version.
|
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with the GNU C Library; if not, see
|
|
<https://www.gnu.org/licenses/>. */
|
|
|
|
#include <support/check.h>
|
|
#include <support/support.h>
|
|
#include <support/xunistd.h>
|
|
#include <stdint.h>
|
|
#include <string.h>
|
|
#include <stackinfo.h>
|
|
#include <sys/mman.h>
|
|
#include <sys/param.h> /* roundup, MAX */
|
|
|
|
#ifndef MAP_NORESERVE
|
|
# define MAP_NORESERVE 0
|
|
#endif
|
|
#ifndef MAP_STACK
|
|
# define MAP_STACK 0
|
|
#endif
|
|
|
|
struct support_stack
|
|
support_stack_alloc (size_t size)
|
|
{
|
|
size_t pagesize = sysconf (_SC_PAGESIZE);
|
|
if (pagesize == -1)
|
|
FAIL_EXIT1 ("sysconf (_SC_PAGESIZE): %m\n");
|
|
|
|
/* Always supply at least sysconf (_SC_SIGSTKSZ) space; passing 0
|
|
as size means only that much space. No matter what the number is,
|
|
round it up to a whole number of pages. */
|
|
size_t stacksize = roundup (size + sysconf (_SC_SIGSTKSZ),
|
|
pagesize);
|
|
|
|
/* The guard bands need to be large enough to intercept offset
|
|
accesses from a stack address that might otherwise hit another
|
|
mapping. Make them at least twice as big as the stack itself, to
|
|
defend against an offset by the entire size of a large
|
|
stack-allocated array. The minimum is 1MiB, which is arbitrarily
|
|
chosen to be larger than any "typical" wild pointer offset.
|
|
Again, no matter what the number is, round it up to a whole
|
|
number of pages. */
|
|
size_t guardsize = roundup (MAX (2 * stacksize, 1024 * 1024), pagesize);
|
|
size_t alloc_size = guardsize + stacksize + guardsize;
|
|
/* Use MAP_NORESERVE so that RAM will not be wasted on the guard
|
|
bands; touch all the pages of the actual stack before returning,
|
|
so we know they are allocated. */
|
|
void *alloc_base = xmmap (0,
|
|
alloc_size,
|
|
PROT_NONE,
|
|
MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE|MAP_STACK,
|
|
-1);
|
|
/* Some architecture still requires executable stack for the signal return
|
|
trampoline, although PF_X could be overridden if PT_GNU_STACK is present.
|
|
However since glibc does not export such information with a proper ABI,
|
|
it uses the historical permissions. */
|
|
int prot = PROT_READ | PROT_WRITE
|
|
| (DEFAULT_STACK_PERMS & PF_X ? PROT_EXEC : 0);
|
|
xmprotect (alloc_base + guardsize, stacksize, prot);
|
|
memset (alloc_base + guardsize, 0xA5, stacksize);
|
|
return (struct support_stack) { alloc_base + guardsize, stacksize, guardsize };
|
|
}
|
|
|
|
void
|
|
support_stack_free (struct support_stack *stack)
|
|
{
|
|
void *alloc_base = (void *)((uintptr_t) stack->stack - stack->guardsize);
|
|
size_t alloc_size = stack->size + 2 * stack->guardsize;
|
|
xmunmap (alloc_base, alloc_size);
|
|
}
|