Commit ea7e0480a4b695d0aa6b3 ("MIPS: VDSO: Always map near top of user
memory") set VDSO_RANDOMIZE_SIZE to 256MB for 64bit kernel. But take a
look at arch/mips/mm/mmap.c we can see that MIN_GAP is 128MB, which
means the mmap_base may be at (user_address_top - 128MB). This make the
stack be surrounded by mmaped areas, then stack expanding fails and
causes a segmentation fault. Therefore, VDSO_RANDOMIZE_SIZE should be
less than MIN_GAP and this patch reduce it to 64MB.
By the way, not all VDSO_RANDOMIZE_SIZE can be used for vdso_base()
randomization because VDSO need some room to locate itself (in this
patch we reserve 64KB).
Cc: stable@xxxxxxxxxxxxxxx
Fixes: ea7e0480a4b695d0aa ("MIPS: VDSO: Always map near top of user memory")
Signed-off-by: Huacai Chen <chenhc@xxxxxxxxxx>
---
arch/mips/include/asm/processor.h | 2 +-
arch/mips/kernel/vdso.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/mips/include/asm/processor.h b/arch/mips/include/asm/processor.h
index 49d6046..c373eb6 100644
--- a/arch/mips/include/asm/processor.h
+++ b/arch/mips/include/asm/processor.h
@@ -81,7 +81,7 @@ extern unsigned int vced_count, vcei_count;
#endif
-#define VDSO_RANDOMIZE_SIZE (TASK_IS_32BIT_ADDR ? SZ_1M : SZ_256M)
+#define VDSO_RANDOMIZE_SIZE (TASK_IS_32BIT_ADDR ? SZ_1M : SZ_64M)
extern unsigned long mips_stack_top(void);
#define STACK_TOP mips_stack_top()
diff --git a/arch/mips/kernel/vdso.c b/arch/mips/kernel/vdso.c
index 48a9c6b..d6232d9 100644
--- a/arch/mips/kernel/vdso.c
+++ b/arch/mips/kernel/vdso.c
@@ -106,7 +106,7 @@ static unsigned long vdso_base(void)
base = STACK_TOP + PAGE_SIZE;
if (current->flags & PF_RANDOMIZE) {
- base += get_random_int() & (VDSO_RANDOMIZE_SIZE - 1);
+ base += get_random_int() & (VDSO_RANDOMIZE_SIZE - SZ_64K - 1);
base = PAGE_ALIGN(base);
}
--
2.7.0
