|
|
08a17a |
diff -r eecfc14e66ee src/os/linux/vm/os_linux.cpp
|
|
|
08a17a |
--- openjdk/hotspot/src/os/linux/vm/os_linux.cpp Mon Jan 22 16:25:24 2018 +0000
|
|
|
08a17a |
+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp Wed Feb 21 13:52:31 2018 +0000
|
|
|
08a17a |
@@ -1,5 +1,5 @@
|
|
|
08a17a |
/*
|
|
|
08a17a |
- * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
+ * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
08a17a |
*
|
|
|
08a17a |
* This code is free software; you can redistribute it and/or modify it
|
|
|
08a17a |
@@ -674,6 +674,10 @@
|
|
|
08a17a |
}
|
|
|
08a17a |
}
|
|
|
08a17a |
|
|
|
08a17a |
+void os::Linux::expand_stack_to(address bottom) {
|
|
|
08a17a |
+ _expand_stack_to(bottom);
|
|
|
08a17a |
+}
|
|
|
08a17a |
+
|
|
|
08a17a |
bool os::Linux::manually_expand_stack(JavaThread * t, address addr) {
|
|
|
08a17a |
assert(t!=NULL, "just checking");
|
|
|
08a17a |
assert(t->osthread()->expanding_stack(), "expand should be set");
|
|
|
08a17a |
diff -r eecfc14e66ee src/os/linux/vm/os_linux.hpp
|
|
|
08a17a |
--- openjdk/hotspot/src/os/linux/vm/os_linux.hpp Mon Jan 22 16:25:24 2018 +0000
|
|
|
08a17a |
+++ openjdk/hotspot/src/os/linux/vm/os_linux.hpp Wed Feb 21 13:52:31 2018 +0000
|
|
|
08a17a |
@@ -1,5 +1,5 @@
|
|
|
08a17a |
/*
|
|
|
08a17a |
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
+ * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
08a17a |
*
|
|
|
08a17a |
* This code is free software; you can redistribute it and/or modify it
|
|
|
08a17a |
@@ -245,6 +245,8 @@
|
|
|
08a17a |
static int safe_cond_timedwait(pthread_cond_t *_cond, pthread_mutex_t *_mutex, const struct timespec *_abstime);
|
|
|
08a17a |
|
|
|
08a17a |
private:
|
|
|
08a17a |
+ static void expand_stack_to(address bottom);
|
|
|
08a17a |
+
|
|
|
08a17a |
typedef int (*sched_getcpu_func_t)(void);
|
|
|
08a17a |
typedef int (*numa_node_to_cpus_func_t)(int node, unsigned long *buffer, int bufferlen);
|
|
|
08a17a |
typedef int (*numa_max_node_func_t)(void);
|
|
|
08a17a |
diff -r eecfc14e66ee src/os_cpu/linux_x86/vm/os_linux_x86.cpp
|
|
|
08a17a |
--- openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp Mon Jan 22 16:25:24 2018 +0000
|
|
|
08a17a |
+++ openjdk/hotspot/src/os_cpu/linux_x86/vm/os_linux_x86.cpp Wed Feb 21 13:52:31 2018 +0000
|
|
|
08a17a |
@@ -1,5 +1,5 @@
|
|
|
08a17a |
/*
|
|
|
08a17a |
- * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
+ * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
|
|
|
08a17a |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
08a17a |
*
|
|
|
08a17a |
* This code is free software; you can redistribute it and/or modify it
|
|
|
08a17a |
@@ -892,6 +892,25 @@
|
|
|
08a17a |
void os::workaround_expand_exec_shield_cs_limit() {
|
|
|
08a17a |
#if defined(IA32)
|
|
|
08a17a |
size_t page_size = os::vm_page_size();
|
|
|
08a17a |
+
|
|
|
08a17a |
+ /*
|
|
|
08a17a |
+ * JDK-8197429
|
|
|
08a17a |
+ *
|
|
|
08a17a |
+ * Expand the stack mapping to the end of the initial stack before
|
|
|
08a17a |
+ * attempting to install the codebuf. This is needed because newer
|
|
|
08a17a |
+ * Linux kernels impose a distance of a megabyte between stack
|
|
|
08a17a |
+ * memory and other memory regions. If we try to install the
|
|
|
08a17a |
+ * codebuf before expanding the stack the installation will appear
|
|
|
08a17a |
+ * to succeed but we'll get a segfault later if we expand the stack
|
|
|
08a17a |
+ * in Java code.
|
|
|
08a17a |
+ *
|
|
|
08a17a |
+ */
|
|
|
08a17a |
+ if (os::Linux::is_initial_thread()) {
|
|
|
08a17a |
+ address limit = Linux::initial_thread_stack_bottom();
|
|
|
08a17a |
+ limit += (StackYellowPages + StackRedPages) * page_size;
|
|
|
08a17a |
+ os::Linux::expand_stack_to(limit);
|
|
|
08a17a |
+ }
|
|
|
08a17a |
+
|
|
|
08a17a |
/*
|
|
|
08a17a |
* Take the highest VA the OS will give us and exec
|
|
|
08a17a |
*
|
|
|
08a17a |
@@ -910,6 +929,16 @@
|
|
|
08a17a |
char* hint = (char*) (Linux::initial_thread_stack_bottom() -
|
|
|
08a17a |
((StackYellowPages + StackRedPages + 1) * page_size));
|
|
|
08a17a |
char* codebuf = os::attempt_reserve_memory_at(page_size, hint);
|
|
|
08a17a |
+
|
|
|
08a17a |
+ if (codebuf == NULL) {
|
|
|
08a17a |
+ // JDK-8197429: There may be a stack gap of one megabyte between
|
|
|
08a17a |
+ // the limit of the stack and the nearest memory region: this is a
|
|
|
08a17a |
+ // Linux kernel workaround for CVE-2017-1000364. If we failed to
|
|
|
08a17a |
+ // map our codebuf, try again at an address one megabyte lower.
|
|
|
08a17a |
+ hint -= 1 * M;
|
|
|
08a17a |
+ codebuf = os::attempt_reserve_memory_at(page_size, hint);
|
|
|
08a17a |
+ }
|
|
|
08a17a |
+
|
|
|
08a17a |
if ( (codebuf == NULL) || (!os::commit_memory(codebuf, page_size, true)) ) {
|
|
|
08a17a |
return; // No matter, we tried, best effort.
|
|
|
08a17a |
}
|