On Fri, Jul 7, 2017 at 9:06 AM, Linus Torvalds <torva...@linux-foundation.org> wrote: > On Thu, Jul 6, 2017 at 11:10 PM, Kees Cook <keesc...@chromium.org> wrote: >> On Thu, Jul 6, 2017 at 11:02 PM, Linus Torvalds >> <torva...@linux-foundation.org> wrote: >>> So 2+MB is still definitely something people can do (and probably *do* do). >> >> With the default 8MB stack, most people are already limited to 2MB >> here. I guess the question is, do people raise their stack rlimit to >> gain more arguments? Should I pick a different value for the args? > > So I would not be at all surprised if people just made the stack limit > higher when they hit the E2BIG issue in some script. > > So yes, I'd make the max args cutoff be higher than 2MB. > > I'd suggest we make the code do: > > (a) keep the existing rlimit/4 check (so *most* people will see the > exact same behavior) > > (b) add a static max arg check for something that is closer to 8MB > but leaves a somewhat reasonable stack size even if the stack size get > reset to 8MB > > I'd suggest that (b) case just be 6MB or something. Maybe make it > (_STK_LIM/4*3) or whatever, in case we ever end up changing that > value.
Sounds good. I'll send a patch... -Kees -- Kees Cook Pixel Security
