[PW_SID:1099248] riscv: cfi: reduce shadow stack size limit from 2GB to 512MB #1995
linux-riscv-bot wants to merge 2 commits into
Change the shadow stack size calculation from RLIMIT_STACK/2 (capped at 2GB) to RLIMIT_STACK/8 (capped at 512MB), following David Laight's analysis and recommendation.

Rationale:

David Laight pointed out that the focus should be on the ratio between shadow stack size and the normal stack size, rather than just the absolute upper limit. His analysis showed that while there are many functions with small stack frames, the majority have stack deltas of over 64 bytes due to saved registers and local variables.

Shadow stacks only store return addresses (8 bytes per entry on 64-bit systems), whereas normal stack frames typically consume 64+ bytes. This 8:64 byte ratio means that programs using a lot of stack space are dominated by large buffer allocations and local variables, not extreme recursion depths with minimal local data.

For example, with the default RLIMIT_STACK of 8MB:
- RLIMIT_STACK/2 gives a 4MB shadow stack supporting 512K nested calls
- RLIMIT_STACK/8 gives a 1MB shadow stack supporting 128K nested calls

Given typical stack frame sizes of 64+ bytes, RLIMIT_STACK/8 is still conservative and provides adequate depth for practical applications. David noted that this could even be safely halved again.

This reduction also better accommodates memory-constrained platforms. On systems with limited physical memory, allocating large shadow stacks can cause virtual memory allocation failures when overcommit mode is set to OVERCOMMIT_GUESS or OVERCOMMIT_NEVER.

Suggested-by: David Laight <david.laight.linux@gmail.com>
Link: https://lore.kernel.org/all/20260518105725.7afe7a4c@pumpkin/
Signed-off-by: Zong Li <zong.li@sifive.com>
Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
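The sizing argument in the commit message above can be checked with a small user-space model; this is an added example, not code from the patch or the kernel. It computes the old and new shadow stack sizes and the average frame size at which the shadow stack and the normal stack run out at the same call depth. The function names, the 4 KiB page size and the page-rounding step are assumptions made for the illustration.

```c
#include <stdio.h>

typedef unsigned long long u64;

#define MIB        (1024ULL * 1024ULL)
#define ENTRY_SIZE 8ULL      /* one return address per call on a 64-bit system */
#define PAGE_SZ    4096ULL   /* assumed page size */

/* Hypothetical model of the rule: RLIMIT_STACK / divisor, capped, page-rounded. */
static u64 shstk_size(u64 rlimit_stack, u64 divisor, u64 cap)
{
    u64 size = rlimit_stack / divisor;

    if (size > cap)          /* also covers an unlimited RLIMIT_STACK */
        size = cap;
    return (size + PAGE_SZ - 1) & ~(PAGE_SZ - 1);
}

/* Nested calls the shadow stack can record before it is full. */
static u64 shstk_depth(u64 shstk_bytes) { return shstk_bytes / ENTRY_SIZE; }

/* Nested calls the normal stack can hold at an average frame size. */
static u64 stack_depth(u64 rlimit_stack, u64 frame) { return rlimit_stack / frame; }

/* Average frame size at which both stacks run out at the same depth (uncapped). */
static u64 breakeven_frame(u64 divisor) { return ENTRY_SIZE * divisor; }

/* 1 if the shadow stack fills before the normal stack does. */
static int shstk_binds_first(u64 rlimit_stack, u64 divisor, u64 cap, u64 frame)
{
    return shstk_depth(shstk_size(rlimit_stack, divisor, cap)) <
           stack_depth(rlimit_stack, frame);
}

int main(void)
{
    const u64 limits[] = { 8 * MIB, 64 * MIB, ~0ULL /* unlimited */ };
    const u64 frames[] = { 16, 64, 256 };   /* constructed sample frame sizes */

    for (int i = 0; i < 3; i++) {
        u64 old = shstk_size(limits[i], 2, 2048 * MIB);
        u64 cur = shstk_size(limits[i], 8, 512 * MIB);
        printf("rlimit=%llu old=%llu KiB (%llu calls) new=%llu KiB (%llu calls)\n",
               limits[i], old / 1024, shstk_depth(old), cur / 1024, shstk_depth(cur));
        for (int j = 0; j < 3; j++)
            printf("  frame=%3llu B: shadow stack fills first? %s\n", frames[j],
                   shstk_binds_first(limits[i], 8, 512 * MIB, frames[j]) ? "yes" : "no");
    }
    return 0;
}
```

With a divisor of 8 the break-even frame size is 64 bytes, so at the frame sizes the commit message calls typical the normal stack is exhausted no later than the shadow stack; only an unlimited RLIMIT_STACK leaves the 512MB cap as the binding limit.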
Patch 1: "riscv: cfi: reduce shadow stack size limit from 2GB to 512MB"
a1231b7 to c03cdce
PR for series 1099248 applied to workflow__riscv__fixes
Name: riscv: cfi: reduce shadow stack size limit from 2GB to 512MB
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=1099248
Version: 1