Message-ID: <20190710212319.GM21055@port70.net>
Date: Wed, 10 Jul 2019 23:23:19 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Fix the use of sigaltstack to return to the saved
 main stack.

* James Y Knight <jyknight@...gle.com> [2019-07-10 16:11:23 -0400]:
>  int sigaltstack(const stack_t *restrict ss, stack_t *restrict old)
>  {
> +	// We must check requirements which Linux fails to verify in the syscall
> +	// itself.
>  	if (ss) {
> -		if (ss->ss_size < MINSIGSTKSZ) {
> +		// The syscall does already check against MINSIGSTKSZ, however,
> +		// the kernel's value is smaller than musl's value on some
> +		// architectures. Thus, although this check may appear
> +		// redundant, it is not.
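
Review bot: The two added comments contradict each other. The one at the top of the function says these are requirements "which Linux fails to verify in the syscall itself", while the one inside "if (ss)" says "The syscall does already check against MINSIGSTKSZ". Suggest dropping the "may appear redundant" framing and stating only that the limit enforced here is the libc value of MINSIGSTKSZ, which the comment itself notes is larger than the kernel's on some architectures. The quoted lines also remove "if (ss->ss_size < MINSIGSTKSZ) {" and stop before the replacement condition, so the new check itself cannot be reviewed from what is shown here.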

the comment does not make sense to me, the check is obviously
not redundant.

MINSIGSTKSZ is a libc api, has nothing to do with the kernel

the kernel also defines a MINSIGSTKSZ but musl is an
abstraction layer higher, the linux limit should not be
observable to users, only the limit defined by musl,
which ensures not only that the kernel can deliver a
signal but also reserves space for any current or future
hackery the c runtime may need to do around signal handling,
so that a trivial c language signal handler is guaranteed
to work.

this is the only reasonable way to make such limit useful.
if it were only a kernel limit, then application code would
have to guess the libc signal handling overhead and add that
to the MINSIGSTKSZ when allocating signal stacks.
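
An added example, not part of the original message and not musl's code: it shows the usage the reply argues for, where an application sizes its signal stack from libc's MINSIGSTKSZ plus only its own handler's needs, and a libc-level check rejects anything smaller before the kernel is asked. The names checked_sigaltstack and run_on_altstack are hypothetical, and the SS_DISABLE exemption is an assumption based on POSIX, not on the quoted patch.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>

static volatile sig_atomic_t on_alt;	/* set by the handler */
static char *alt_base;			/* alternate stack being tested */
static size_t alt_size;

/* Hypothetical wrapper: apply the libc-level minimum before the syscall.
 * POSIX ignores ss_size when SS_DISABLE is set, so that case is exempt. */
int checked_sigaltstack(const stack_t *ss, stack_t *old)
{
	if (ss && !(ss->ss_flags & SS_DISABLE) && ss->ss_size < (size_t)MINSIGSTKSZ) {
		errno = ENOMEM;
		return -1;
	}
	return sigaltstack(ss, old);
}

static void handler(int sig)
{
	uintptr_t p = (uintptr_t)&sig;	/* sig lives on the stack in use */
	on_alt = p >= (uintptr_t)alt_base && p < (uintptr_t)alt_base + alt_size;
}

/* 1: handler ran on the alternate stack, 0: it did not, -1: error. */
int run_on_altstack(size_t handler_needs)
{
	struct sigaction sa = {0}, saved_sa;
	stack_t ss = {0}, saved;
	int rc = -1;
	/* Application budget goes on top of the libc minimum, never below it. */
	alt_size = (size_t)MINSIGSTKSZ + handler_needs;
	if (!(alt_base = malloc(alt_size))) return -1;
	ss.ss_sp = alt_base;
	ss.ss_size = alt_size;
	if (checked_sigaltstack(&ss, &saved) != 0) goto out;
	sa.sa_handler = handler;
	sa.sa_flags = SA_ONSTACK;
	if (sigaction(SIGUSR1, &sa, &saved_sa) == 0) {
		if (raise(SIGUSR1) == 0) rc = on_alt;
		sigaction(SIGUSR1, &saved_sa, NULL);
	}
	/* Put back the saved setting, usually SS_DISABLE with ss_size 0. */
	if (checked_sigaltstack(&saved, NULL) != 0) rc = -1;
out:
	free(alt_base);
	return rc;
}
```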
