On Thu, Apr 18, 2019 at 7:57 AM Guenter Roeck <li...@roeck-us.net> wrote:
>
> On Mon, Apr 15, 2019 at 09:23:20PM -0700, Kees Cook wrote:
> > Commit eab09532d400 ("binfmt_elf: use ELF_ET_DYN_BASE only for PIE"),
> > made changes in the rare case when the ELF loader was directly invoked
> > (e.g. to set a non-inheritable LD_LIBRARY_PATH, testing new versions of
> > the loader), by moving into the mmap region to avoid both ET_EXEC and PIE
> > binaries. This had the effect of also moving the brk region into mmap,
> > which could lead to the stack and brk being arbitrarily close to each
> > other. An unlucky process wouldn't get its requested stack size and stack
> > allocations could end up scribbling on the heap.
> >
>
> This patch results in crashes of my xtensa boot tests.
>
> Run /sbin/init as init process
> Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b

Thanks for finding this! I *think* the issue is that I needed to be
testing for CONFIG_ARCH_HAS_ELF_RANDOMIZATION, which xtensa lacks.
I'll get this fixed up and resent through -mm.

-- 
Kees Cook
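
A diagnostic for the layout problem described in the quoted commit message, added here as an example and not taken from the patch or from the kernel tree: it parses `/proc/<pid>/maps` text and reports how many bytes the stack would fall short of its limit before reaching the end of brk. The names `parse_maps`, `stack_shortfall` and `SAMPLE_MAPS` are hypothetical, the sample mappings are constructed, and the check assumes `[heap]` is the nearest mapping below `[stack]` and ignores the kernel's stack guard gap.

```c
#include <inttypes.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>

struct layout { uint64_t heap_end, stack_start, stack_end; };
/* Constructed sample (not captured from a real system): brk just below the stack. */
static const char SAMPLE_MAPS[] =
    "7ffffffb0000-7ffffffd0000 rw-p 00000000 00:00 0 [heap]\n"
    "7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]\n";

/* Fill *l from /proc/<pid>/maps text; 0 if both [heap] and [stack] were found. */
static int parse_maps(const char *text, struct layout *l)
{
    int heap = 0, stack = 0;
    for (const char *p = text; p && *p; ) {
        uint64_t start, end;
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (sscanf(p, "%" SCNx64 "-%" SCNx64, &start, &end) == 2) {
            /* the name column is last, so compare the tail of the line */
            if (len >= 6 && !strncmp(p + len - 6, "[heap]", 6)) { l->heap_end = end; heap = 1; }
            if (len >= 7 && !strncmp(p + len - 7, "[stack]", 7)) {
                l->stack_start = start; l->stack_end = end; stack = 1;
            }
        }
        p = eol ? eol + 1 : NULL;
    }
    return (heap && stack) ? 0 : -1;
}

/* Bytes by which the stack falls short of `limit` before reaching the end of brk. */
static uint64_t stack_shortfall(const struct layout *l, uint64_t limit)
{
    uint64_t used = l->stack_end - l->stack_start;
    uint64_t want = limit > used ? limit - used : 0;
    /* heap above the stack is not the case discussed here: treat room as unbounded */
    uint64_t room = l->heap_end > l->stack_start ? UINT64_MAX : l->stack_start - l->heap_end;
    return want > room ? want - room : 0;
}

int main(void)
{
    static char buf[1 << 16];   /* zero-initialised, so the text stays terminated */
    struct layout l; struct rlimit rl;
    FILE *f = fopen("/proc/self/maps", "r");
    size_t n = f ? fread(buf, 1, sizeof(buf) - 1, f) : 0;
    if (f) fclose(f);
    if (parse_maps(n ? buf : SAMPLE_MAPS, &l) || getrlimit(RLIMIT_STACK, &rl)) return 1;
    printf("stack shortfall: %" PRIu64 " bytes\n", stack_shortfall(&l, rl.rlim_cur));
    return 0;
}
```

A result of 0 means the full stack limit fits above brk; comparing the output of a binary run normally with the same binary started through the loader directly shows whether the layout differs.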