Page MenuHomeFreeBSD
Differential D26908

mmap(2): Clarify that guard is taken from the stack region.
ClosedPublic
Actions

Authored by alc on Oct 22 2020, 6:43 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 25 2024, 12:33 PM
Unknown Object (File)
Jan 28 2024, 5:07 PM
Unknown Object (File)
Dec 20 2023, 3:40 AM
Unknown Object (File)
Dec 8 2023, 1:47 PM
Unknown Object (File)
Nov 14 2023, 4:09 PM
Unknown Object (File)
Nov 10 2023, 3:49 PM
Unknown Object (File)
Nov 10 2023, 3:42 AM
Unknown Object (File)
Nov 6 2023, 7:19 PM
View All 43 Files
Subscribers
bcr
imp

Details

Reviewers
emaste
markj
kib
Group Reviewers
manpages
Commits
rS367087: Revise the description of MAP_STACK. In particular, describe the guard

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Oct 22 2020, 6:43 PM
Herald added a subscriber: imp. · View Herald TranscriptOct 22 2020, 6:43 PM
kib requested review of this revision.Oct 22 2020, 6:43 PM
Harbormaster completed remote builds in B34325: Diff 78610.Oct 22 2020, 6:43 PM
emaste added inline comments.Oct 22 2020, 6:46 PM
lib/libc/sys/mmap.2
347 ↗(On Diff #78610)

The guard is

emaste mentioned this in D26894: mmap(2): Document guard size and related EINVAL..Oct 22 2020, 6:47 PM
emaste added a comment.Oct 22 2020, 6:50 PM

One grammar nit

emaste added inline comments.Oct 22 2020, 6:53 PM
lib/libc/sys/mmap.2
341 ↗(On Diff #78610)

I guess pedantically the stack grows to (len - guard size).

How does this sound:

This option creates
a memory region that grows to at most
.Fa len
bytes less the guard size.
The region starts from the stack top and grows down.

kib updated this revision to Diff 78614.Oct 22 2020, 7:01 PM
kib marked 2 inline comments as done.

Ed' changes.

Harbormaster completed remote builds in B34326: Diff 78614.Oct 22 2020, 7:01 PM
emaste accepted this revision.Oct 22 2020, 7:13 PM

Looks good to me.

This revision is now accepted and ready to land.Oct 22 2020, 7:13 PM
markj accepted this revision.Oct 23 2020, 2:34 PM
alc added inline comments.Oct 23 2020, 5:29 PM
lib/libc/sys/mmap.2
343 ↗(On Diff #78614)

I would not use a comma here.

353–356 ↗(On Diff #78614)

Individually, these two sentences make perfect sense, but taken together they do not. The first sentence is about special "guard" vm map entries that act as reservations for the virtual address region, but the second sentence is about the size of the "red zone" created at the bottom of the virtual address region using the "guard" vm map entry. The size of the former, i.e., the reservation, is NOT determined by the sysctl. But, literally taken together that is what these sentences are saying. In the documentation, I don't think that we should use the word "guard" in describing both the reservation and the red zone. Given its use in the name of the sysctl, I would only use it in conjunction with the red zone.

kib updated this revision to Diff 78651.Oct 23 2020, 6:11 PM
kib marked 2 inline comments as done.

Reword text to distinguish between guard as is, and minimal guard size.

This revision now requires review to proceed.Oct 23 2020, 6:11 PM
Harbormaster completed remote builds in B34339: Diff 78651.Oct 23 2020, 6:11 PM
alc added a comment.Oct 25 2020, 12:06 AM

After mulling this over for the past day or so, I'd like to propose the following alternative description:

"This option creates a memory region that grows downward on demand and an adjoining guard that both reserves address space for the memory region to grow into and limits the memory region's growth. Together, the memory region and the guard occupy len bytes of the address space. The guard starts at the returned address, and the memory region ends at the returned address plus len bytes. Upon access to the guard, the memory region automatically grows in size, and the guard shrinks by an equal amount. Essentially, the boundary between the guard and the memory region moves downward so that the access falls within the enlarged memory region. However, the guard will never shrink to less than the number of pages specified by the sysctl security.bsd.stack_guard_page, thereby ensuring that a gap for detecting stack overflow always exists between the downward growing memory region and the closest memory region beneath it."

kib added a comment.Oct 25 2020, 11:20 AM
In D26908#600942, @alc wrote:

After mulling this over for the past day or so, I'd like to propose the following alternative description:

"This option creates a memory region that grows downward on demand and an adjoining guard that both reserves address space for the memory region to grow into and limits the memory region's growth. Together, the memory region and the guard occupy len bytes of the address space. The guard starts at the returned address, and the memory region ends at the returned address plus len bytes. Upon access to the guard, the memory region automatically grows in size, and the guard shrinks by an equal amount. Essentially, the boundary between the guard and the memory region moves downward so that the access falls within the enlarged memory region. However, the guard will never shrink to less than the number of pages specified by the sysctl security.bsd.stack_guard_page, thereby ensuring that a gap for detecting stack overflow always exists between the downward growing memory region and the closest memory region beneath it."

Sounds good to me. Do you want to prepare the patch based on this text, or should I do it ?

alc commandeered this revision.Oct 26 2020, 4:51 AM
alc edited reviewers, added: kib; removed: alc.
Herald added a reviewer: manpages. · View Herald TranscriptOct 26 2020, 4:51 AM
alc updated this revision to Diff 78763.Oct 26 2020, 4:52 AM
kib accepted this revision.Oct 26 2020, 8:27 AM
This revision is now accepted and ready to land.Oct 26 2020, 8:27 AM
bcr accepted this revision as: manpages.Oct 26 2020, 9:04 AM
bcr added a subscriber: bcr.

OK from manpages as well.

markj accepted this revision.Oct 27 2020, 12:33 PM
markj added inline comments.
lib/libc/sys/mmap.2
322 ↗(On Diff #78763)

I'd find this sentence a bit easier to parse if there was a comma after "demand" or if it started with "Creates both a mapped region ... and an adjoining ..."

alc marked an inline comment as done.Oct 27 2020, 5:40 PM
alc added inline comments.
lib/libc/sys/mmap.2
322 ↗(On Diff #78763)

I'll add "both". I worried that this sentence was too long, but I wanted the first sentence to include "grows downward on demand".

Closed by commit rS367087: Revise the description of MAP_STACK. In particular, describe the guard (authored by alc). · Explain WhyOct 27 2020, 6:09 PM
This revision was automatically updated to reflect the committed changes.
alc marked an inline comment as done.
alc added a commit: rS367087: Revise the description of MAP_STACK. In particular, describe the guard.

Revision Contents
Changeset List

PathSize
head/
lib/
libc/
sys/
42 lines

Diff 78829

View Options

head/lib/libc/sys/mmap.2

Loading...