From: Jason Cooper <jason@lakedaemon.net> To: william.c.roberts@intel.com, linux-mm@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Cc: Jason Cooper <jason@lakedaemon.net>, linux@arm.linux.org.uk, akpm@linux-foundation.org, keescook@chromium.org, tytso@mit.edu, arnd@arndb.de, gregkh@linuxfoundation.org, catalin.marinas@arm.com, will.deacon@arm.com, ralf@linux-mips.org, benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, viro@zeniv.linux.org.uk, nnk@google.com, jeffv@google.com, alyzyn@android.com, dcashman@android.com Subject: [RFC patch 2/6] x86: Use simpler API for random address requests Date: Tue, 26 Jul 2016 03:01:56 +0000 [thread overview] Message-ID: <20160726030201.6775-2-jason@lakedaemon.net> (raw) In-Reply-To: <20160726030201.6775-1-jason@lakedaemon.net> Currently, all callers to randomize_range() set the length to 0 and calculate end by adding a constant to the start address. We can simplify the API to remove a bunch of needless checks and variables. Use the new randomize_addr(start, range) call to set the requested address. Signed-off-by: Jason Cooper <jason@lakedaemon.net> --- arch/x86/kernel/process.c | 3 +-- arch/x86/kernel/sys_x86_64.c | 5 +---- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index 96becbbb52e0..a083a2c0744e 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -507,8 +507,7 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { - unsigned long range_end = mm->brk + 0x02000000; - return randomize_range(mm->brk, range_end, 0) ? : mm->brk; + return randomize_addr(mm->brk, 0x02000000); } /* diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c index 10e0272d789a..f9cad22808fc 100644 --- a/arch/x86/kernel/sys_x86_64.c +++ b/arch/x86/kernel/sys_x86_64.c @@ -101,7 +101,6 @@ static void find_start_end(unsigned long flags, unsigned long *begin, unsigned long *end) { if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) { - unsigned long new_begin; /* This is usually used needed to map code in small model, so it needs to be in the first 31bit. Limit it to that. This means we need to move the @@ -112,9 +111,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin, *begin = 0x40000000; *end = 0x80000000; if (current->flags & PF_RANDOMIZE) { - new_begin = randomize_range(*begin, *begin + 0x02000000, 0); - if (new_begin) - *begin = new_begin; + *begin = randomize_addr(*begin, 0x02000000); } } else { *begin = current->mm->mmap_legacy_base; -- 2.9.2
WARNING: multiple messages have this Message-ID (diff)
From: Jason Cooper <jason@lakedaemon.net> To: william.c.roberts@intel.com, linux-mm@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Cc: Jason Cooper <jason@lakedaemon.net>, linux@arm.linux.org.uk, akpm@linux-foundation.org, keescook@chromium.org, tytso@mit.edu, arnd@arndb.de, gregkh@linuxfoundation.org, catalin.marinas@arm.com, will.deacon@arm.com, ralf@linux-mips.org, benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, viro@zeniv.linux.org.uk, nnk@google.com, jeffv@google.com, alyzyn@android.com, dcashman@android.com Subject: [kernel-hardening] [RFC patch 2/6] x86: Use simpler API for random address requests Date: Tue, 26 Jul 2016 03:01:56 +0000 [thread overview] Message-ID: <20160726030201.6775-2-jason@lakedaemon.net> (raw) In-Reply-To: <20160726030201.6775-1-jason@lakedaemon.net> Currently, all callers to randomize_range() set the length to 0 and calculate end by adding a constant to the start address. We can simplify the API to remove a bunch of needless checks and variables. Use the new randomize_addr(start, range) call to set the requested address. Signed-off-by: Jason Cooper <jason@lakedaemon.net> --- arch/x86/kernel/process.c | 3 +-- arch/x86/kernel/sys_x86_64.c | 5 +---- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index 96becbbb52e0..a083a2c0744e 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -507,8 +507,7 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { - unsigned long range_end = mm->brk + 0x02000000; - return randomize_range(mm->brk, range_end, 0) ? : mm->brk; + return randomize_addr(mm->brk, 0x02000000); } /* diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c index 10e0272d789a..f9cad22808fc 100644 --- a/arch/x86/kernel/sys_x86_64.c +++ b/arch/x86/kernel/sys_x86_64.c @@ -101,7 +101,6 @@ static void find_start_end(unsigned long flags, unsigned long *begin, unsigned long *end) { if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) { - unsigned long new_begin; /* This is usually used needed to map code in small model, so it needs to be in the first 31bit. Limit it to that. This means we need to move the @@ -112,9 +111,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin, *begin = 0x40000000; *end = 0x80000000; if (current->flags & PF_RANDOMIZE) { - new_begin = randomize_range(*begin, *begin + 0x02000000, 0); - if (new_begin) - *begin = new_begin; + *begin = randomize_addr(*begin, 0x02000000); } } else { *begin = current->mm->mmap_legacy_base; -- 2.9.2
next prev parent reply other threads:[~2016-07-26 3:06 UTC|newest] Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-07-25 18:25 [PATCH] randomize_range: use random long instead of int william.c.roberts 2016-07-25 18:54 ` Kees Cook 2016-07-26 2:18 ` Jason Cooper 2016-07-26 3:01 ` [RFC patch 1/6] random: Simplify API for random address requests Jason Cooper 2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper 2016-07-26 3:01 ` Jason Cooper [this message] 2016-07-26 3:01 ` [kernel-hardening] [RFC patch 2/6] x86: Use simpler " Jason Cooper 2016-07-26 3:01 ` [RFC patch 3/6] ARM: " Jason Cooper 2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper 2016-07-26 3:01 ` [RFC patch 4/6] arm64: " Jason Cooper 2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper 2016-07-26 3:01 ` [RFC patch 5/6] tile: " Jason Cooper 2016-07-26 3:01 ` [kernel-hardening] " Jason Cooper 2016-07-26 3:02 ` [RFC patch 6/6] unicore32: " Jason Cooper 2016-07-26 3:02 ` [kernel-hardening] " Jason Cooper 2016-07-26 3:30 ` [RFC patch 1/6] random: Simplify " Jason Cooper 2016-07-26 3:30 ` [kernel-hardening] " Jason Cooper 2016-07-26 4:39 ` Kees Cook 2016-07-26 4:39 ` [kernel-hardening] " Kees Cook 2016-07-26 17:00 ` Jason Cooper 2016-07-26 17:00 ` [kernel-hardening] " Jason Cooper 2016-07-26 17:07 ` Kees Cook 2016-07-26 17:07 ` [kernel-hardening] " Kees Cook 2016-07-28 19:02 ` Jason Cooper 2016-07-28 19:02 ` [kernel-hardening] " Jason Cooper 2016-07-26 17:33 ` Roberts, William C 2016-07-26 17:33 ` [kernel-hardening] " Roberts, William C 2016-07-26 4:44 ` Kees Cook 2016-07-26 4:44 ` [kernel-hardening] " Kees Cook 2016-07-26 15:55 ` Jason Cooper 2016-07-26 15:55 ` [kernel-hardening] " Jason Cooper 2016-07-26 16:40 ` Kees Cook 2016-07-26 16:40 ` [kernel-hardening] " Kees Cook 2016-07-27 13:51 ` [kernel-hardening] " Yann Droneaud
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20160726030201.6775-2-jason@lakedaemon.net \ --to=jason@lakedaemon.net \ --cc=akpm@linux-foundation.org \ --cc=alyzyn@android.com \ --cc=arnd@arndb.de \ --cc=benh@kernel.crashing.org \ --cc=catalin.marinas@arm.com \ --cc=davem@davemloft.net \ --cc=dcashman@android.com \ --cc=gregkh@linuxfoundation.org \ --cc=hpa@zytor.com \ --cc=jeffv@google.com \ --cc=keescook@chromium.org \ --cc=kernel-hardening@lists.openwall.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@vger.kernel.org \ --cc=linux@arm.linux.org.uk \ --cc=mingo@redhat.com \ --cc=mpe@ellerman.id.au \ --cc=nnk@google.com \ --cc=paulus@samba.org \ --cc=ralf@linux-mips.org \ --cc=tglx@linutronix.de \ --cc=tytso@mit.edu \ --cc=viro@zeniv.linux.org.uk \ --cc=will.deacon@arm.com \ --cc=william.c.roberts@intel.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.