From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965557AbcHDQz0 (ORCPT ); Thu, 4 Aug 2016 12:55:26 -0400 Received: from mga11.intel.com ([192.55.52.93]:8245 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965539AbcHDQzV (ORCPT ); Thu, 4 Aug 2016 12:55:21 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.28,470,1464678000"; d="scan'208";a="1029813468" From: "Roberts, William C" To: "kernel-hardening@lists.openwall.com" , "jason@lakedaemon.net" , "linux-mm@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "akpm@linux-foundation.org" CC: "keescook@chromium.org" , "gregkh@linuxfoundation.org" , "nnk@google.com" , "jeffv@google.com" , "salyzyn@android.com" , "dcashman@android.com" Subject: RE: [kernel-hardening] [PATCH] [RFC] Introduce mmap randomization Thread-Topic: [kernel-hardening] [PATCH] [RFC] Introduce mmap randomization Thread-Index: AQHR7nC8dwJNNOteV0K2Xv8fKFYs7qA5BOiw Date: Thu, 4 Aug 2016 16:55:19 +0000 Message-ID: <476DC76E7D1DF2438D32BFADF679FC560127DD18@ORSMSX103.amr.corp.intel.com> References: <1469557346-5534-1-git-send-email-william.c.roberts@intel.com> <1470329589.22643.117.camel@gmail.com> In-Reply-To: <1470329589.22643.117.camel@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMWY5YmQzYjYtN2FjMi00MTAyLTg1ZmItODYwYTExMDlmNDc3IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IlJ4bUFiT3BJQThCSFF6UVR6NDNHbmtTVWk5djNkcUxLdDFzXC90XC92Y3FjQT0ifQ== x-ctpclassification: CTP_IC x-originating-ip: [10.22.254.138] Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by mail.home.local id u74GtVt7006922 > -----Original Message----- > From: Daniel Micay [mailto:danielmicay@gmail.com] > Sent: Thursday, August 4, 2016 9:53 AM > To: kernel-hardening@lists.openwall.com; jason@lakedaemon.net; linux- > mm@vger.kernel.org; linux-kernel@vger.kernel.org; akpm@linux- > foundation.org > Cc: keescook@chromium.org; gregkh@linuxfoundation.org; nnk@google.com; > jeffv@google.com; salyzyn@android.com; dcashman@android.com > Subject: Re: [kernel-hardening] [PATCH] [RFC] Introduce mmap randomization > > On Tue, 2016-07-26 at 11:22 -0700, william.c.roberts@intel.com wrote: > > The recent get_random_long() change in get_random_range() and then the > > subsequent patches Jason put out, all stemmed from my tinkering with > > the concept of randomizing mmap. > > > > Any feedback would be greatly appreciated, including any feedback > > indicating that I am idiot. > > The RAND_THREADSTACK feature in grsecurity makes the gaps the way I think > would be ideal, i.e. tracked as part of the appropriate VMA. It would be > straightforward to make it more general purpose. I am not familiar with that, thanks for pointing it out. I'll take a look when my time frees up for this again.