[PATCH] uml: disallow stack access below $esp like i386 / x86_64

When a page fault occurs on an address below the stack-vma, UML tries to
expand the stack.

On i386 and x86_64, the failing address is compared to the current userspace
stack pointer.  If the failing address is below "esp-32" resp.  "rsp-128",
stack expansion is not allowed, and a SIGSEGV is given to the user.

This patch makes UML behave like i386/x86_64.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

arch/um/kernel/trap_kern.c

@@ -48,6 +48,8 @@ int handle_page_fault(unsigned long address, unsigned long ip,
 		goto good_area;
 	else if(!(vma->vm_flags & VM_GROWSDOWN)) 
 		goto out;
+	else if(!ARCH_IS_STACKGROW(address))
+		goto out;
 	else if(expand_stack(vma, address)) 
 		goto out;
 

include/asm-um/processor-i386.h

@@ -27,6 +27,9 @@ struct arch_thread {
 #define current_text_addr() \
 	({ void *pc; __asm__("movl $1f,%0\n1:":"=g" (pc)); pc; })
 
+#define ARCH_IS_STACKGROW(address) \
+       (address + 32 >= UPT_SP(&current->thread.regs.regs))
+
 #include "asm/processor-generic.h"
 
 #endif

include/asm-um/processor-x86_64.h

@@ -17,6 +17,9 @@ struct arch_thread {
 #define current_text_addr() \
 	({ void *pc; __asm__("movq $1f,%0\n1:":"=g" (pc)); pc; })
 
+#define ARCH_IS_STACKGROW(address) \
+        (address + 128 >= UPT_SP(&current->thread.regs.regs))
+
 #include "asm/processor-generic.h"
 
 #endif