2014-10-25 2:22 GMT+02:00 Andy Lutomirski <l...@amacapital.net>: > Is there any good reason not to use vmalloc for x86_64 stacks? > > The tricky bits I've thought of are: > > - On any context switch, we probably need to probe the new stack > before switching to it. That way, if it's going to fault due to an > out-of-sync pgd, we still have a stack available to handle the fault.
Would that prevent from any further fault on a vmalloc'ed kernel stack? We would need to ensure that pre-faulting, say the first byte, is enough to sync the whole new stack entirely otherwise we risk another future fault and some places really aren't safely faulted. > > - Any time we change cr3, we may need to check that the pgd > corresponding to rsp is there. If now, we need to sync it over. > > - For simplicity, we probably want all stack ptes to be present all > the time. This is fine; vmalloc already works that way. > > - If we overrun the stack, we double-fault. This should be easy to > detect: any double-fault where rsp is less than 20 bytes from the > bottom of the stack is a failure to deliver a non-IST exception due to > a stack overflow. The question is: what do we do if this happens? > We could just panic (guaranteed to work). We could also try to > recover by killing the offending task, but that might be a bit > challenging, since we're in IST context. We could do something truly > awful: increment RSP by a few hundred bytes, point RIP at do_exit, and > return from the double fault. > > Thoughts? This shouldn't be all that much code. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
