Thread: 12 messages, 9 authors, 2012-09-16

kernel stack memory

From: Ashish Sangwan <hidden>
Date: 2012-09-13 13:11:47

Enable CONFIG_CC_STACKPROTECTOR and you will get a crash.
Stack overflow doesn't necessarily create a kernel panic ;)

On Thu, Sep 13, 2012 at 5:00 PM, Denis Kirjanov [off-list ref] wrote:
At the moment of forking a new process, do_fork() creates a new stack for the
task using alloc_thread_info_node():

        struct page *page = alloc_pages_node(node, THREADINFO_GFP,
                                             THREAD_SIZE_ORDER);


On 9/13/12, Rajat Sharma [off-list ref] wrote:
"The kernel stack is part of task_struct of the running process"

Please double check that: it's not part of task_struct. Rather, on some
architectures the kernel stack is extended by a thread_info structure at
the end, which keeps a link to the task_struct of the process.

-Rajat

On Thu, Sep 13, 2012 at 1:59 PM, Arun KS [off-list ref] wrote:
Hello Shubham,

On Thu, Sep 13, 2012 at 12:15 PM, shubham sharma [off-list ref]
wrote:
Hi,

As far as I know, the size of the stack allocated in kernel space is
8KB for each process. But in case I use more than 8KB of memory from
the stack, then what will happen? I think that in that case the system
would crash because I am accessing an illegal memory area. I wrote a
kernel module in which I defined an integer array whose size was 8000.
But still it did not crash my system. Why?

The module I wrote was as follows:

#include <linux/kernel.h>
#include <linux/module.h>

int __init init_my_module(void)
{
        int arr[8000];
        printk("%s:%d\tmodule initialized\n", __func__, __LINE__);
        arr[1] = 1;
        arr[4000] = 1;
        arr[7999] = 1;
Instead, do a memset:
memset(arr, 0, 8192);

If you do this, the current calling process's thread_info will be set to
zero.
This should cause a crash.

Thanks,
Arun

        printk("%s:%d\tarr[1]:%d, arr[4000]:%d, arr[7999]:%d\n",
               __func__, __LINE__, arr[1], arr[4000], arr[7999]);
        return 0;
}

void __exit cleanup_my_module(void)
{
        printk("exiting\n");
        return;
}

module_init(init_my_module);
module_exit(cleanup_my_module);

MODULE_LICENSE("GPL");

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies at kernelnewbies.org
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies



--
Regards,
Denis

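The layout the replies describe, as an added model written for this page (not code from the thread or from the kernel): it assumes the 2012-era x86 arrangement where thread_info sits at the lowest address of the 8 KB stack, an illustrative THREAD_INFO_SIZE of 64 bytes, constructed addresses, and 256 bytes of stack already used by callers, and classifies where each access in Shubham's module lands.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the 8 KB kernel stack discussed in the thread:
 * THREAD_SIZE bytes, thread_info at the lowest address, frames growing
 * downward from the top. THREAD_INFO_SIZE is an assumed illustrative value. */
#define THREAD_SIZE       8192u
#define THREAD_INFO_SIZE  64u

enum region { IN_STACK, IN_THREAD_INFO, BELOW_STACK };

struct kstack {
    uintptr_t base; /* lowest address of the stack allocation */
    uintptr_t sp;   /* stack pointer on entry to the function */
};

/* Where does a single byte address land relative to this stack? */
enum region classify(const struct kstack *s, uintptr_t addr)
{
    if (addr < s->base)
        return BELOW_STACK;     /* adjacent memory, usually still mapped */
    if (addr < s->base + THREAD_INFO_SIZE)
        return IN_THREAD_INFO;  /* corrupts current's thread_info */
    return IN_STACK;
}

/* Address of arr[idx] for a local "int arr[n]" placed just below sp. */
uintptr_t elem_addr(const struct kstack *s, size_t n, size_t idx)
{
    return s->sp - n * sizeof(int) + idx * sizeof(int);
}

/* Does a write covering [addr, addr+len) overlap thread_info? */
int write_hits_thread_info(const struct kstack *s, uintptr_t addr, size_t len)
{
    return addr < s->base + THREAD_INFO_SIZE && addr + len > s->base;
}

int main(void)
{
    /* constructed addresses: base 0x10000000, 256 bytes used by callers */
    struct kstack s = { 0x10000000u, 0x10000000u + THREAD_SIZE - 256 };
    size_t idx[] = { 1, 4000, 7999 };
    static const char *name[] = { "stack", "thread_info", "below stack" };
    for (size_t i = 0; i < 3; i++)
        printf("arr[%zu] -> %s\n", idx[i],
               name[classify(&s, elem_addr(&s, 8000, idx[i]))]);
    printf("memset(arr, 0, sizeof arr) hits thread_info: %d\n",
           write_hits_thread_info(&s, elem_addr(&s, 8000, 0), 8000 * sizeof(int)));
    return 0;
}
```

The three sparse stores land in the valid stack (arr[7999]) or in mapped memory below the allocation (arr[1], arr[4000]), which is why nothing faults; a memset over the whole array sweeps through thread_info, which is what a stack canary (CONFIG_CC_STACKPROTECTOR) or a poisoned thread_info turns into a visible crash.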