comparison src/os_cpu/linux_x86/vm/os_linux_x86.cpp @ 9029:1485461a0fd1

8197429: Increased stack guard causes segfaults on x86-32 Reviewed-by: dholmes
author aph
date Fri, 06 Jul 2018 17:25:06 +0100
parents 427b2fb1944f
children
36:bd55a52b32d9 37:7c1ca3206ba8
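--- a/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
+++ b/src/os_cpu/linux_x86/vm/os_linux_x86.cpp
@@ -890,10 +890,31 @@
 * updates (JDK-8023956).
 */
 void os::workaround_expand_exec_shield_cs_limit() {
 #if defined(IA32)
 size_t page_size = os::vm_page_size();
+
+/*
+* JDK-8197429
+*
+* Expand the stack mapping to the end of the initial stack before
+* attempting to install the codebuf. This is needed because newer
+* Linux kernels impose a distance of a megabyte between stack
+* memory and other memory regions. If we try to install the
+* codebuf before expanding the stack the installation will appear
+* to succeed but we'll get a segfault later if we expand the stack
+* in Java code.
+*
+*/
+if (os::is_primordial_thread()) {
+address limit = Linux::initial_thread_stack_bottom();
+if (! DisablePrimordialThreadGuardPages) {
+limit += (StackYellowPages + StackRedPages) * page_size;
+}
+os::Linux::expand_stack_to(limit);
+}
+
 /*
 * Take the highest VA the OS will give us and exec
 *
 * Although using -(pagesz) as mmap hint works on newer kernel as you would
 * think, older variants affected by this work-around don't (search forward only).
@@ -908,10 +929,20 @@
 * we don't have much control or understanding of the address space, just let it slide.
 */
 char* hint = (char*) (Linux::initial_thread_stack_bottom() -
 ((StackYellowPages + StackRedPages + 1) * page_size));
 char* codebuf = os::attempt_reserve_memory_at(page_size, hint);
+
+if (codebuf == NULL) {
+// JDK-8197429: There may be a stack gap of one megabyte between
+// the limit of the stack and the nearest memory region: this is a
+// Linux kernel workaround for CVE-2017-1000364. If we failed to
+// map our codebuf, try again at an address one megabyte lower.
+hint -= 1 * M;
+codebuf = os::attempt_reserve_memory_at(page_size, hint);
+}
+
 if ( (codebuf == NULL) || (!os::commit_memory(codebuf, page_size, true)) ) {
 return; // No matter, we tried, best effort.
 }
 if (PrintMiscellaneous && (Verbose || WizardMode)) {
 tty->print_cr("[CS limit NX emulation work-around, exec code at: %p]", codebuf);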
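Review bot: The retry in the second hunk hard-codes `hint -= 1 * M;`, which matches only the kernel's default guard gap; the gap introduced for CVE-2017-1000364 is tunable through the `stack_guard_gap` boot parameter, so on a host configured with a larger gap the second `attempt_reserve_memory_at` presumably fails as well and the function returns without the work-around and without any trace. I would document the assumption next to the subtraction, e.g. `// assumes the default stack_guard_gap (1 MB); a larger configured gap makes this retry fail too`, and print a line under the existing `PrintMiscellaneous && (Verbose || WizardMode)` guard when the fallback address is used, so the chosen placement is visible when diagnosing later stack-growth faults. The stack pre-expansion in the first hunk runs only when `os::is_primordial_thread()` is true, while `hint` is always derived from `Linux::initial_thread_stack_bottom()`; a comment stating why the non-primordial case needs no expansion would help. The function body continues past the end of this section.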