linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Russell King - ARM Linux <linux@arm.linux.org.uk>
To: Kees Cook <keescook@chromium.org>
Cc: Daniel Cashman <dcashman@android.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Ingo Molnar <mingo@kernel.org>,
	"linux-arm-kernel@lists.infradead.org" 
	<linux-arm-kernel@lists.infradead.org>,
	Jonathan Corbet <corbet@lwn.net>, Don Zickus <dzickus@redhat.com>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Heinrich Schuchardt <xypron.glpk@gmx.de>,
	jpoimboe@redhat.com,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	n-horiguchi@ah.jp.nec.com, Andrea Arcangeli <aarcange@redhat.com>,
	Mel Gorman <mgorman@suse.de>,
	Thomas Gleixner <tglx@linutronix.de>,
	David Rientjes <rientjes@google.com>,
	Linux-MM <linux-mm@kvack.org>,
	"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	Mark Salyzyn <salyzyn@android.com>,
	Jeffrey Vander Stoep <jeffv@google.com>,
	Nick Kralevich <nnk@google.com>, dcashman <dcashman@google.com>
Subject: Re: [PATCH v2 2/2] arm: mm: support ARCH_MMAP_RND_BITS.
Date: Tue, 3 Nov 2015 22:39:04 +0000	[thread overview]
Message-ID: <20151103223904.GG8644@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <CAGXu5jKGzDD9WVQnMTT2EfupZtjpdcASUpx-3npLAB-FctLodA@mail.gmail.com>

On Tue, Nov 03, 2015 at 11:19:44AM -0800, Kees Cook wrote:
> On Tue, Nov 3, 2015 at 10:10 AM, Daniel Cashman <dcashman@android.com> wrote:
> > From: dcashman <dcashman@google.com>
> >
> > arm: arch_mmap_rnd() uses a hard-code value of 8 to generate the
> > random offset for the mmap base address.  This value represents a
> > compromise between increased ASLR effectiveness and avoiding
> > address-space fragmentation. Replace it with a Kconfig option, which
> > is sensibly bounded, so that platform developers may choose where to
> > place this compromise. Keep 8 as the minimum acceptable value.
> >
> > Signed-off-by: Daniel Cashman <dcashman@google.com>
> 
> Acked-by: Kees Cook <keescook@chromium.org>
> 
> Russell, if you don't see any problems here, it might make sense not
> to put this through the ARM patch tracker since it depends on the 1/2,
> and I think x86 and arm64 (and possibly other arch) changes are coming
> too.

Yes, it looks sane, though I do wonder whether there should also be
a Kconfig option to allow archtectures to specify the default, instead
of the default always being the minimum randomisation.  I can see scope
to safely pushing our mmap randomness default to 12, especially on 3GB
setups, as we already have 11 bits of randomness on the sigpage and if
enabled, 13 bits on the heap.

-- 
FTTC broadband for 0.8mile line: currently at 9.6Mbps down 400kbps up
according to speedtest.net.

  reply	other threads:[~2015-11-03 22:39 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-03 18:10 [PATCH v2 1/2] mm: mmap: Add new /proc tunable for mmap_base ASLR Daniel Cashman
2015-11-03 18:10 ` [PATCH v2 2/2] arm: mm: support ARCH_MMAP_RND_BITS Daniel Cashman
2015-11-03 19:19   ` Kees Cook
2015-11-03 22:39     ` Russell King - ARM Linux [this message]
2015-11-03 23:18       ` Kees Cook
2015-11-04 18:22         ` Daniel Cashman
2015-11-03 23:14     ` Daniel Cashman
2015-11-03 23:21       ` Kees Cook
2015-11-04 18:30         ` Daniel Cashman
2015-11-05 18:44           ` Daniel Cashman
2015-11-06 20:52             ` Kees Cook
2015-11-09  3:47               ` Michael Ellerman
2015-11-09 18:56                 ` Daniel Cashman
2015-11-09 21:27                   ` Kees Cook
2015-11-03 19:16 ` [PATCH v2 1/2] mm: mmap: Add new /proc tunable for mmap_base ASLR Kees Cook
2015-11-04  0:04 ` Andrew Morton
2015-11-04  0:40   ` Eric W. Biederman
2015-11-04  1:31     ` Andrew Morton
2015-11-04 19:31       ` Daniel Cashman
2015-11-04 22:00         ` Andrew Morton
2015-11-04 22:10         ` Eric W. Biederman
2015-11-04 22:37           ` Kees Cook
2015-11-04  9:39 ` Michal Hocko
2015-11-04 19:21   ` Eric W. Biederman
2015-11-04 19:36     ` Daniel Cashman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151103223904.GG8644@n2100.arm.linux.org.uk \
    --to=linux@arm.linux.org.uk \
    --cc=aarcange@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=corbet@lwn.net \
    --cc=dcashman@android.com \
    --cc=dcashman@google.com \
    --cc=dzickus@redhat.com \
    --cc=ebiederm@xmission.com \
    --cc=jeffv@google.com \
    --cc=jpoimboe@redhat.com \
    --cc=keescook@chromium.org \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mgorman@suse.de \
    --cc=mingo@kernel.org \
    --cc=n-horiguchi@ah.jp.nec.com \
    --cc=nnk@google.com \
    --cc=rientjes@google.com \
    --cc=salyzyn@android.com \
    --cc=tglx@linutronix.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).