Re: [suse-security] Re: Stack Overflow Protection
From: Robert Schiele (rschiele uni-mannheim.de)
Date: Sat Dec 06 2003 - 06:00:41 CST
On Sat, Dec 06, 2003 at 12:33:04PM +0100, Bernhard Walle wrote:
> But: What does the Kernel Stack Protection do, where can I read
> something about this?
It just does a quick check on every hardware interrupt whether there is less
than 1KB of stack space free, and if this is the case, prints a warning
message. The code for this is quite simple. For example, everything for the
i386 architecture is:
    long esp;

    /* Debugging check for stack overflow: is there less than 1KB free? */
    __asm__ __volatile__("andl %%esp,%0" : "=r" (esp) : "0" (8191));
    if (unlikely(esp < (sizeof(struct task_struct) + sysctl_stackwarn))) {
        static unsigned long next_jiffies; /* ratelimiting */
        static long least_esp = THREAD_SIZE;

        if (time_after(jiffies, next_jiffies) || (esp < least_esp)) {
            least_esp = esp;
            next_jiffies = jiffies + 5*HZ;
            printk("WARNING: do_IRQ: near stack overflow: %ld\n",
                   esp - sizeof(struct task_struct));
            dump_stack();
        }
    }
This next_jiffies stuff is just to prevent the same message from being printed
hundreds of thousands of times in a row.
Robert
--
Robert Schiele Tel.: +49-621-181-2517
Dipl.-Wirtsch.informatiker mailto:rschiele uni-mannheim.de
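
Added example, not part of the original message or of the kernel source: a user-space C model of the check quoted above, so the masking and the rate limit can be run on sample values. The names irq_stack_check and struct warn_state and the values of TASK_STRUCT_SZ, STACKWARN and HZ are assumptions made for the model.

```c
#include <stdio.h>

/* Assumed values for this model; real ones depend on the kernel build. */
#define THREAD_SIZE    8192L  /* 8 KB stack block, hence the 8191 mask */
#define TASK_STRUCT_SZ 1700L  /* constructed stand-in for sizeof(struct task_struct) */
#define STACKWARN      1024L  /* stand-in for sysctl_stackwarn, 1 KB as in the message */
#define HZ             100UL  /* assumed timer ticks per second */

struct warn_state {            /* the two function-static variables of the original */
    unsigned long next_jiffies;
    long least_esp;
};

/* Returns 1 and sets *free_bytes when the original would print its warning. */
int irq_stack_check(struct warn_state *s, unsigned long esp_reg,
                    unsigned long jiffies, long *free_bytes)
{
    /* andl $8191,%esp: offset of the stack pointer inside its 8 KB block */
    long esp = (long)(esp_reg & (unsigned long)(THREAD_SIZE - 1));

    if (esp >= TASK_STRUCT_SZ + STACKWARN)
        return 0;                               /* enough room left */
    /* time_after(jiffies, next_jiffies), written out wrap-safe */
    if ((long)(s->next_jiffies - jiffies) < 0 || esp < s->least_esp) {
        s->least_esp = esp;
        s->next_jiffies = jiffies + 5 * HZ;
        *free_bytes = esp - TASK_STRUCT_SZ;     /* the value the printk reports */
        return 1;
    }
    return 0;                                   /* suppressed by the rate limit */
}

int main(void)
{
    /* Constructed samples: {stack pointer, jiffies}; 0xc1234000 is 8 KB aligned. */
    unsigned long in[][2] = { {0xc1234000UL + 6000, 1000}, {0xc1234000UL + 2500, 1001},
                              {0xc1234000UL + 2500, 1002}, {0xc1234000UL + 2000, 1003},
                              {0xc1234000UL + 2400, 1600} };
    struct warn_state s = { 0, THREAD_SIZE };
    for (unsigned i = 0; i < sizeof in / sizeof in[0]; i++) {
        long left = 0;
        if (irq_stack_check(&s, in[i][0], in[i][1], &left))
            printf("jiffies %lu: near stack overflow: %ld\n", in[i][1], left);
        else
            printf("jiffies %lu: no message\n", in[i][1]);
    }
    return 0;
}
```

With these samples the repeat at jiffies 1002 is suppressed, while the deeper stack use at jiffies 1003 gets through at once because it sets a new low for least_esp.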