Date: Thu, 8 Oct 2020 18:07:28 +0100
From: Matthew Wilcox
To: Topi Miettinen
Cc: linux-hardening@vger.kernel.org, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH RESEND v2] mm: Optional full ASLR for mmap() and mremap()
Message-ID: <20201008170728.GK20115@casper.infradead.org>
In-Reply-To: <20201008165408.38228-1-toiwoton@gmail.com>

On Thu, Oct 08, 2020 at 07:54:08PM +0300, Topi Miettinen wrote:
> +3 Additionally enable full randomization of memory mappings created > + with mmap(NULL, ...). 
With 2, the base of the VMA used for such > + mappings is random, but the mappings are created in predictable > + places within the VMA and in sequential order. With 3, new VMAs > + are created to fully randomize the mappings. Also mremap(..., > + MREMAP_MAYMOVE) will move the mappings even if not necessary. > + > + On 32 bit systems this may cause problems due to increased VM > + fragmentation if the address space gets crowded. On all systems, it will reduce performance and increase memory usage due to less efficient use of page tables and inability to merge adjacent VMAs with compatible attributes. > + if ((flags & MREMAP_MAYMOVE) && randomize_va_space >= 3) { > + /* > + * Caller is happy with a different address, so let's > + * move even if not necessary! > + */ > + new_addr = arch_mmap_rnd(); > + > + ret = mremap_to(addr, old_len, new_addr, new_len, > + &locked, flags, &uf, &uf_unmap_early, > + &uf_unmap); > + goto out; > + } > + > + Overly enthusiastic newline
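Review bot: In the documentation hunk for value 3, "may cause problems" in the 32 bit paragraph does not tell an administrator what to expect. Name the symptom (for example mmap() failing once the address space is fragmented, if that is what is meant) and say whether 3 is advisable on 32 bit systems at all. The entry also says mremap(..., MREMAP_MAYMOVE) "will move the mappings even if not necessary" without saying what the caller sees when the move cannot be done; that belongs in the same paragraph.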
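Review bot: In the mremap hunk, new_addr = arch_mmap_rnd() is passed straight to mremap_to() with no check in the visible lines that the range from new_addr to new_addr + new_len is unoccupied and inside the task's usable address space. arch_mmap_rnd() returns a random offset intended for the mmap base, not a vetted destination address, so it can land on an existing mapping or on an address the task cannot use. Because the branch ends in an unconditional goto out, any failure at that address is returned to the caller, turning an mremap() that would have succeeded in place into an error. Suggest choosing the destination through the normal unmapped-area search with a random hint, and falling through to the existing path when mremap_to() fails.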