From: Kees Cook <keescook@chromium.org>
To: Alexandre Ghiti <alex@ghiti.fr>
Cc: Albert Ou <aou@eecs.berkeley.edu>,
Catalin Marinas <catalin.marinas@arm.com>,
Palmer Dabbelt <palmer@sifive.com>,
Will Deacon <will.deacon@arm.com>,
Russell King <linux@armlinux.org.uk>,
Ralf Baechle <ralf@linux-mips.org>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Paul Burton <paul.burton@mips.com>,
linux-riscv@lists.infradead.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
James Hogan <jhogan@kernel.org>,
linux-fsdevel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
linux-mips@vger.kernel.org, Christoph Hellwig <hch@lst.de>,
linux-arm-kernel@lists.infradead.org,
Luis Chamberlain <mcgrof@kernel.org>
Subject: Re: [PATCH v4 05/14] arm64, mm: Make randomization selected by generic topdown mmap layout
Date: Wed, 29 May 2019 13:10:50 -0700 [thread overview]
Message-ID: <201905291310.E27265DACF@keescook> (raw)
In-Reply-To: <20190526134746.9315-6-alex@ghiti.fr>
On Sun, May 26, 2019 at 09:47:37AM -0400, Alexandre Ghiti wrote:
> This commits selects ARCH_HAS_ELF_RANDOMIZE when an arch uses the generic
> topdown mmap layout functions so that this security feature is on by
> default.
> Note that this commit also removes the possibility for arm64 to have elf
> randomization and no MMU: without MMU, the security added by randomization
> is worth nothing.
>
> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
Acked-by: Kees Cook <keescook@chromium.org>
-Kees
> ---
> arch/Kconfig | 1 +
> arch/arm64/Kconfig | 1 -
> arch/arm64/kernel/process.c | 8 --------
> mm/util.c | 11 +++++++++--
> 4 files changed, 10 insertions(+), 11 deletions(-)
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index df3ab04270fa..3732654446cc 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -710,6 +710,7 @@ config HAVE_ARCH_COMPAT_MMAP_BASES
> config ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT
> bool
> depends on MMU
> + select ARCH_HAS_ELF_RANDOMIZE
>
> config HAVE_COPY_THREAD_TLS
> bool
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 3d754c19c11e..403bd3fffdbc 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -15,7 +15,6 @@ config ARM64
> select ARCH_HAS_DMA_MMAP_PGPROT
> select ARCH_HAS_DMA_PREP_COHERENT
> select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
> - select ARCH_HAS_ELF_RANDOMIZE
> select ARCH_HAS_FAST_MULTIPLIER
> select ARCH_HAS_FORTIFY_SOURCE
> select ARCH_HAS_GCOV_PROFILE_ALL
> diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
> index 3767fb21a5b8..3f85f8f2d665 100644
> --- a/arch/arm64/kernel/process.c
> +++ b/arch/arm64/kernel/process.c
> @@ -535,14 +535,6 @@ unsigned long arch_align_stack(unsigned long sp)
> return sp & ~0xf;
> }
>
> -unsigned long arch_randomize_brk(struct mm_struct *mm)
> -{
> - if (is_compat_task())
> - return randomize_page(mm->brk, SZ_32M);
> - else
> - return randomize_page(mm->brk, SZ_1G);
> -}
> -
> /*
> * Called from setup_new_exec() after (COMPAT_)SET_PERSONALITY.
> */
> diff --git a/mm/util.c b/mm/util.c
> index 717f5d75c16e..8a38126edc74 100644
> --- a/mm/util.c
> +++ b/mm/util.c
> @@ -319,7 +319,15 @@ unsigned long randomize_stack_top(unsigned long stack_top)
> }
>
> #ifdef CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT
> -#ifdef CONFIG_ARCH_HAS_ELF_RANDOMIZE
> +unsigned long arch_randomize_brk(struct mm_struct *mm)
> +{
> + /* Is the current task 32bit ? */
> + if (!IS_ENABLED(CONFIG_64BIT) || is_compat_task())
> + return randomize_page(mm->brk, SZ_32M);
> +
> + return randomize_page(mm->brk, SZ_1G);
> +}
> +
> unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
> @@ -333,7 +341,6 @@ unsigned long arch_mmap_rnd(void)
>
> return rnd << PAGE_SHIFT;
> }
> -#endif /* CONFIG_ARCH_HAS_ELF_RANDOMIZE */
>
> static int mmap_is_legacy(struct rlimit *rlim_stack)
> {
> --
> 2.20.1
>
--
Kees Cook
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2019-05-29 20:11 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-26 13:47 [PATCH v4 00/14] Provide generic top-down mmap layout functions Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 01/14] mm, fs: Move randomize_stack_top from fs to mm Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 02/14] arm64: Make use of is_compat_task instead of hardcoding this test Alexandre Ghiti
2019-06-03 17:32 ` Catalin Marinas
2019-05-26 13:47 ` [PATCH v4 03/14] arm64: Consider stack randomization for mmap base only when necessary Alexandre Ghiti
2019-06-03 17:37 ` Catalin Marinas
2019-05-26 13:47 ` [PATCH v4 04/14] arm64, mm: Move generic mmap layout functions to mm Alexandre Ghiti
2019-05-29 20:10 ` Kees Cook
2019-06-03 17:38 ` Catalin Marinas
2019-05-26 13:47 ` [PATCH v4 05/14] arm64, mm: Make randomization selected by generic topdown mmap layout Alexandre Ghiti
2019-05-29 20:10 ` Kees Cook [this message]
2019-06-01 9:04 ` Christoph Hellwig
2019-06-03 7:05 ` Alexandre Ghiti
2019-06-03 17:40 ` Catalin Marinas
2019-06-04 6:20 ` Alex Ghiti
2019-05-26 13:47 ` [PATCH v4 06/14] arm: Properly account for stack randomization and stack guard gap Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 07/14] arm: Use STACK_TOP when computing mmap base address Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 08/14] arm: Use generic mmap top-down layout and brk randomization Alexandre Ghiti
2019-05-29 19:26 ` Kees Cook
2019-05-31 4:49 ` Alex Ghiti
2019-05-26 13:47 ` [PATCH v4 09/14] mips: Properly account for stack randomization and stack guard gap Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 10/14] mips: Use STACK_TOP when computing mmap base address Alexandre Ghiti
2019-05-26 13:47 ` [PATCH v4 11/14] mips: Adjust brk randomization offset to fit generic version Alexandre Ghiti
2019-05-29 20:12 ` Kees Cook
2019-05-26 13:47 ` [PATCH v4 12/14] mips: Replace arch specific way to determine 32bit task with " Alexandre Ghiti
2019-05-29 20:12 ` Kees Cook
2019-05-26 13:47 ` [PATCH v4 13/14] mips: Use generic mmap top-down layout and brk randomization Alexandre Ghiti
2019-05-29 20:12 ` Kees Cook
2019-05-26 13:47 ` [PATCH v4 14/14] riscv: Make mmap allocation top-down by default Alexandre Ghiti
2019-05-29 20:16 ` [PATCH v4 00/14] Provide generic top-down mmap layout functions Kees Cook
2019-05-31 5:04 ` Alex Ghiti
2019-06-13 5:29 ` Alex Ghiti
2019-06-30 15:34 ` Alex Ghiti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201905291310.E27265DACF@keescook \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=alex@ghiti.fr \
--cc=aou@eecs.berkeley.edu \
--cc=catalin.marinas@arm.com \
--cc=hch@lst.de \
--cc=jhogan@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux@armlinux.org.uk \
--cc=mcgrof@kernel.org \
--cc=palmer@sifive.com \
--cc=paul.burton@mips.com \
--cc=ralf@linux-mips.org \
--cc=viro@zeniv.linux.org.uk \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).