Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e0a94c2a authored by Christoph Lameter's avatar Christoph Lameter Committed by James Morris
Browse files

security: use mmap_min_addr indepedently of security models 



This patch removes the dependency of mmap_min_addr on CONFIG_SECURITY.
It also sets a default mmap_min_addr of 4096.

mmapping of addresses below 4096 will only be possible for processes
with CAP_SYS_RAWIO.

Signed-off-by: default avatarChristoph Lameter <cl@linux-foundation.org>
Acked-by: default avatarEric Paris <eparis@redhat.com>
Looks-ok-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 7d2948b1

include/linux/mm.h

+0 −2
Original line number Diff line number Diff line
@@ -580,12 +580,10 @@ static inline void set_page_links(struct page *page, enum zone_type zone, 
 */

static inline unsigned long round_hint_to_min(unsigned long hint)

{

#ifdef CONFIG_SECURITY

	hint &= PAGE_MASK;

	if (((void *)hint != NULL) &&

	    (hint < mmap_min_addr))

		return PAGE_ALIGN(mmap_min_addr);

#endif

	return hint;

}

include/linux/security.h

+2 −0
Original line number Diff line number Diff line
@@ -2197,6 +2197,8 @@ static inline int security_file_mmap(struct file *file, unsigned long reqprot, 
				     unsigned long addr,

				     unsigned long addr_only)

{

	if ((addr < mmap_min_addr) && !capable(CAP_SYS_RAWIO))

		return -EACCES;

	return 0;

}

kernel/sysctl.c

+0 −2
Original line number Diff line number Diff line
@@ -1237,7 +1237,6 @@ static struct ctl_table vm_table[] = { 
		.strategy	= &sysctl_jiffies,

	},

#endif

#ifdef CONFIG_SECURITY

	{

		.ctl_name	= CTL_UNNUMBERED,

		.procname	= "mmap_min_addr",
@@ -1246,7 +1245,6 @@ static struct ctl_table vm_table[] = { 
		.mode		= 0644,

		.proc_handler	= &proc_doulongvec_minmax,

	},

#endif

#ifdef CONFIG_NUMA

	{

		.ctl_name	= CTL_UNNUMBERED,

mm/Kconfig

+19 −0
Original line number Diff line number Diff line
@@ -226,6 +226,25 @@ config HAVE_MLOCKED_PAGE_BIT 
config MMU_NOTIFIER

	bool



config DEFAULT_MMAP_MIN_ADDR

        int "Low address space to protect from user allocation"

        default 4096

        help

	  This is the portion of low virtual memory which should be protected

	  from userspace allocation.  Keeping a user from writing to low pages

	  can help reduce the impact of kernel NULL pointer bugs.



	  For most ia64, ppc64 and x86 users with lots of address space

	  a value of 65536 is reasonable and should cause no problems.

	  On arm and other archs it should not be higher than 32768.

	  Programs which use vm86 functionality would either need additional

	  permissions from either the LSM or the capabilities module or have

	  this protection disabled.



	  This value can be changed after boot using the

	  /proc/sys/vm/mmap_min_addr tunable.





config NOMMU_INITIAL_TRIM_EXCESS

	int "Turn on mmap() excess space trimming before booting"

	depends on !MMU

mm/mmap.c

+3 −0
Original line number Diff line number Diff line
@@ -87,6 +87,9 @@ int sysctl_overcommit_ratio = 50; /* default is 50% */ 
int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT;

struct percpu_counter vm_committed_as;



/* amount of vm to protect from userspace access */

unsigned long mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR;



/*

 * Check that a process has enough memory to allocate a new virtual

 * mapping. 0 means there is enough memory for the allocation to