From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Theodore Y. Ts'o" Subject: Re: For review: documentation of clone3() system call Date: Mon, 11 Nov 2019 11:58:00 -0500 Message-ID: <20191111165800.GD7017@mit.edu> References: <20191107151941.dw4gtul5lrtax4se@wittgenstein> <2eb2ab4c-b177-29aa-cdc4-420b24cfd7b3@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org To: Jann Horn Cc: "Michael Kerrisk (man-pages)" , Christian Brauner , Florian Weimer , Christian Brauner , lkml , linux-man , Kees Cook , Oleg Nesterov , Arnd Bergmann , David Howells , Pavel Emelyanov , Andrew Morton , Adrian Reber , Andrei Vagin , Linux API , Ingo Molnar List-Id: linux-api@vger.kernel.org On Mon, Nov 11, 2019 at 03:55:35PM +0100, Jann Horn wrote: > Not on Linux, but on OpenBSD, they do use MAP_STACK now AFAIK; this > was announced here: > . > Basically they periodically check whether the userspace stack pointer > points into a MAP_STACK region, and if not, they kill the process. So > even if it's a no-op on Linux... Hmm, is that something we should do in Linux? Even if we only check on syscall entry, which should be pretty inexpensive, it seems like it would be very effective in protecting various ROP techniques. - Ted