[Replying here instead of tor-project@ because this is technical.]
On Wed, 04 Apr 2018 07:16:00 +0000 Georg Koppen gk@torproject.org wrote:
best thing I've been able to come up with is bouncing up the rbpregister until we get an address that's out of range in order to get a good estimate of where the stack memory map begins/ends
Heh. Depending on how good the estimate needs to be, something like:
extern char **environ; void *addr = (environ & ~(4096-1)) + 4096 - stacksize;
Will at worst, be off by 31 pages. If you are certain that the ELF auxiliary vectors, env vars, command line arguments, and a negligible amount of overhead for bookkeeping won't exceed a page, it will be exact[0].
See "System V Application Binary Interface AMD64 Architecture Processor Supplement" 3.4.1 and the Linux kernel source for more details.
nb: Firefox appears to trample over environ so, the value needs to be cached fairly early on in the process' lifetime.
Regards,