• Thomas Gleixner's avatar
    x86/signal: Implement sigaltstack size validation · 3aac3ebe
    Thomas Gleixner authored
    For historical reasons MINSIGSTKSZ is a constant which became already too
    small with AVX512 support.
    
    Add a mechanism to enforce strict checking of the sigaltstack size against
    the real size of the FPU frame.
    
    The strict check can be enabled via a config option and can also be
    controlled via the kernel command line option 'strict_sas_size' independent
    of the config switch.
    
    Enabling it might break existing applications which allocate a too small
    sigaltstack but 'work' because they never get a signal delivered. Though it
    can be handy to filter out binaries which are not yet aware of
    AT_MINSIGSTKSZ.
    
    Also the upcoming support for dynamically enabled FPU features requires a
    strict sanity check to ensure that:
    
       - Enabling of a dynamic feature, which changes the sigframe size fits
         into an enabled sigaltstack
    
       - Installing a too small sigaltstack after a dynamic feature has been
         added is not possible.
    
    Implement the base check which is controlled by config and command line
    options.
    Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Signed-off-by: default avatarChang S. Bae <chang.seok.bae@intel.com>
    Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
    Link: https://lkml.kernel.org/r/20211021225527.10184-3-chang.seok.bae@intel.com
    3aac3ebe
signal.c 26.1 KB