From: Jason Cooper <jason@lakedaemon.net>
To: william.c.roberts@intel.com, linux-mm@vger.kernel.org,
linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Cc: Jason Cooper <jason@lakedaemon.net>,
linux@arm.linux.org.uk, akpm@linux-foundation.org,
keescook@chromium.org, tytso@mit.edu, arnd@arndb.de,
gregkh@linuxfoundation.org, catalin.marinas@arm.com,
will.deacon@arm.com, ralf@linux-mips.org,
benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au,
davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com,
hpa@zytor.com, x86@kernel.org, viro@zeniv.linux.org.uk,
nnk@google.com, jeffv@google.com, alyzyn@android.com,
dcashman@android.com
Subject: [RFC patch 2/6] x86: Use simpler API for random address requests
Date: Tue, 26 Jul 2016 03:01:56 +0000 [thread overview]
Message-ID: <20160726030201.6775-2-jason@lakedaemon.net> (raw)
In-Reply-To: <20160726030201.6775-1-jason@lakedaemon.net>
Currently, all callers to randomize_range() set the length to 0 and
calculate end by adding a constant to the start address. We can
simplify the API to remove a bunch of needless checks and variables.
Use the new randomize_addr(start, range) call to set the requested
address.
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
---
arch/x86/kernel/process.c | 3 +--
arch/x86/kernel/sys_x86_64.c | 5 +----
2 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 96becbbb52e0..a083a2c0744e 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -507,8 +507,7 @@ unsigned long arch_align_stack(unsigned long sp)
unsigned long arch_randomize_brk(struct mm_struct *mm)
{
- unsigned long range_end = mm->brk + 0x02000000;
- return randomize_range(mm->brk, range_end, 0) ? : mm->brk;
+ return randomize_addr(mm->brk, 0x02000000);
}
/*
diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c
index 10e0272d789a..f9cad22808fc 100644
--- a/arch/x86/kernel/sys_x86_64.c
+++ b/arch/x86/kernel/sys_x86_64.c
@@ -101,7 +101,6 @@ static void find_start_end(unsigned long flags, unsigned long *begin,
unsigned long *end)
{
if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) {
- unsigned long new_begin;
/* This is usually used needed to map code in small
model, so it needs to be in the first 31bit. Limit
it to that. This means we need to move the
@@ -112,9 +111,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin,
*begin = 0x40000000;
*end = 0x80000000;
if (current->flags & PF_RANDOMIZE) {
- new_begin = randomize_range(*begin, *begin + 0x02000000, 0);
- if (new_begin)
- *begin = new_begin;
+ *begin = randomize_addr(*begin, 0x02000000);
}
} else {
*begin = current->mm->mmap_legacy_base;
--
2.9.2
WARNING: multiple messages have this Message-ID (diff)
From: Jason Cooper <jason@lakedaemon.net>
To: william.c.roberts@intel.com, linux-mm@vger.kernel.org,
linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Cc: Jason Cooper <jason@lakedaemon.net>,
linux@arm.linux.org.uk, akpm@linux-foundation.org,
keescook@chromium.org, tytso@mit.edu, arnd@arndb.de,
gregkh@linuxfoundation.org, catalin.marinas@arm.com,
will.deacon@arm.com, ralf@linux-mips.org,
benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au,
davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com,
hpa@zytor.com, x86@kernel.org, viro@zeniv.linux.org.uk,
nnk@google.com, jeffv@google.com, alyzyn@android.com,
dcashman@android.com
Subject: [kernel-hardening] [RFC patch 2/6] x86: Use simpler API for random address requests
Date: Tue, 26 Jul 2016 03:01:56 +0000 [thread overview]
Message-ID: <20160726030201.6775-2-jason@lakedaemon.net> (raw)
In-Reply-To: <20160726030201.6775-1-jason@lakedaemon.net>
Currently, all callers to randomize_range() set the length to 0 and
calculate end by adding a constant to the start address. We can
simplify the API to remove a bunch of needless checks and variables.
Use the new randomize_addr(start, range) call to set the requested
address.
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
---
arch/x86/kernel/process.c | 3 +--
arch/x86/kernel/sys_x86_64.c | 5 +----
2 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 96becbbb52e0..a083a2c0744e 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -507,8 +507,7 @@ unsigned long arch_align_stack(unsigned long sp)
unsigned long arch_randomize_brk(struct mm_struct *mm)
{
- unsigned long range_end = mm->brk + 0x02000000;
- return randomize_range(mm->brk, range_end, 0) ? : mm->brk;
+ return randomize_addr(mm->brk, 0x02000000);
}
/*
diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c
index 10e0272d789a..f9cad22808fc 100644
--- a/arch/x86/kernel/sys_x86_64.c
+++ b/arch/x86/kernel/sys_x86_64.c
@@ -101,7 +101,6 @@ static void find_start_end(unsigned long flags, unsigned long *begin,
unsigned long *end)
{
if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) {
- unsigned long new_begin;
/* This is usually used needed to map code in small
model, so it needs to be in the first 31bit. Limit
it to that. This means we need to move the
@@ -112,9 +111,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin,
*begin = 0x40000000;
*end = 0x80000000;
if (current->flags & PF_RANDOMIZE) {
- new_begin = randomize_range(*begin, *begin + 0x02000000, 0);
- if (new_begin)
- *begin = new_begin;
+ *begin = randomize_addr(*begin, 0x02000000);
}
} else {
*begin = current->mm->mmap_legacy_base;
--
2.9.2
next prev parent reply other threads:[~2016-07-26 3:06 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-25 18:25 [PATCH] randomize_range: use random long instead of int william.c.roberts
2016-07-25 18:54 ` Kees Cook
2016-07-26 2:18 ` Jason Cooper
2016-07-26 3:01 ` [RFC patch 1/6] random: Simplify API for random address requests Jason Cooper
2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper
2016-07-26 3:01 ` Jason Cooper [this message]
2016-07-26 3:01 ` [kernel-hardening] [RFC patch 2/6] x86: Use simpler " Jason Cooper
2016-07-26 3:01 ` [RFC patch 3/6] ARM: " Jason Cooper
2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper
2016-07-26 3:01 ` [RFC patch 4/6] arm64: " Jason Cooper
2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper
2016-07-26 3:01 ` [RFC patch 5/6] tile: " Jason Cooper
2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper
2016-07-26 3:02 ` [RFC patch 6/6] unicore32: " Jason Cooper
2016-07-26 3:02 ` [kernel-hardening] " Jason Cooper
2016-07-26 3:30 ` [RFC patch 1/6] random: Simplify " Jason Cooper
2016-07-26 3:30 ` [kernel-hardening] " Jason Cooper
2016-07-26 4:39 ` Kees Cook
2016-07-26 4:39 ` [kernel-hardening] " Kees Cook
2016-07-26 17:00 ` Jason Cooper
2016-07-26 17:00 ` [kernel-hardening] " Jason Cooper
2016-07-26 17:07 ` Kees Cook
2016-07-26 17:07 ` [kernel-hardening] " Kees Cook
2016-07-28 19:02 ` Jason Cooper
2016-07-28 19:02 ` [kernel-hardening] " Jason Cooper
2016-07-26 17:33 ` Roberts, William C
2016-07-26 17:33 ` [kernel-hardening] " Roberts, William C
2016-07-26 4:44 ` Kees Cook
2016-07-26 4:44 ` [kernel-hardening] " Kees Cook
2016-07-26 15:55 ` Jason Cooper
2016-07-26 15:55 ` [kernel-hardening] " Jason Cooper
2016-07-26 16:40 ` Kees Cook
2016-07-26 16:40 ` [kernel-hardening] " Kees Cook
2016-07-27 13:51 ` [kernel-hardening] " Yann Droneaud
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160726030201.6775-2-jason@lakedaemon.net \
--to=jason@lakedaemon.net \
--cc=akpm@linux-foundation.org \
--cc=alyzyn@android.com \
--cc=arnd@arndb.de \
--cc=benh@kernel.crashing.org \
--cc=catalin.marinas@arm.com \
--cc=davem@davemloft.net \
--cc=dcashman@android.com \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=jeffv@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@vger.kernel.org \
--cc=linux@arm.linux.org.uk \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=nnk@google.com \
--cc=paulus@samba.org \
--cc=ralf@linux-mips.org \
--cc=tglx@linutronix.de \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
--cc=will.deacon@arm.com \
--cc=william.c.roberts@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.