From: Johannes Berg <johannes@sipsolutions.net>
To: Tiwei Bie <tiwei.btw@antgroup.com>,
benjamin@sipsolutions.net, linux-um@lists.infradead.org
Cc: Benjamin Berg <benjamin.berg@intel.com>
Subject: Re: [PATCH 3/5] um: Do a double clone to disable rseq
Date: Tue, 28 May 2024 13:57:49 +0200 [thread overview]
Message-ID: <4a9d3075304f39b818009081d496b0f245bad450.camel@sipsolutions.net> (raw)
In-Reply-To: <5f5505da-ba67-421e-b0f5-6a5c19955f27@antgroup.com>
On Tue, 2024-05-28 at 18:16 +0800, Tiwei Bie wrote:
> On 5/28/24 4:54 PM, benjamin@sipsolutions.net wrote:
> > From: Benjamin Berg <benjamin.berg@intel.com>
> >
> > Newer glibc versions are enabling rseq support by default. This remains
> > enabled in the cloned child process, potentially causing the host kernel
> > to write/read memory in the child.
> >
> > It appears that this was purely not an issue because the used memory
> > area happened to be above TASK_SIZE and remains mapped.
>
> I also encountered this issue. In my case, with "Force a static link"
> (CONFIG_STATIC_LINK) enabled, UML will crash immediately every time
> it starts up. I worked around this by setting the glibc.pthread.rseq
> tunable via GLIBC_TUNABLES [1] before launching UML.
>
> So another easy way to work around this issue without introducing runtime
> overhead might be to add the GLIBC_TUNABLES=glibc.pthread.rseq=0 environment
> variable and exec /proc/self/exe in UML on startup.
>
It's also a bit of a question what to rely on - this would introduce a
dependency on glibc behaviour, whereas doing the double-clone proposed
here will work purely because of host kernel behaviour, regardless of
what part of the system set up rseq, how the tunables work, etc.
johannes
next prev parent reply other threads:[~2024-05-28 11:58 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-28 8:54 [PATCH 0/5] Increased address space for 64 bit benjamin
2024-05-28 8:54 ` [PATCH 1/5] um: Fix stub_start address calculation benjamin
2024-05-28 8:54 ` [PATCH 2/5] um: Limit TASK_SIZE to the addressable range benjamin
2024-05-28 8:54 ` [PATCH 3/5] um: Do a double clone to disable rseq benjamin
2024-05-28 10:16 ` Tiwei Bie
2024-05-28 10:30 ` Benjamin Berg
2024-05-28 11:03 ` Tiwei Bie
2024-05-28 11:57 ` Johannes Berg [this message]
2024-05-28 14:13 ` Tiwei Bie
2024-05-30 2:54 ` Tiwei Bie
2024-05-30 8:54 ` Benjamin Berg
2024-05-30 14:05 ` Tiwei Bie
2024-05-28 8:54 ` [PATCH 4/5] um: Discover host_task_size from envp benjamin
2024-05-28 8:54 ` [PATCH 5/5] um: Add 4 level page table support benjamin
2024-05-30 3:07 ` Tiwei Bie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4a9d3075304f39b818009081d496b0f245bad450.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=benjamin.berg@intel.com \
--cc=benjamin@sipsolutions.net \
--cc=linux-um@lists.infradead.org \
--cc=tiwei.btw@antgroup.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox