
Commit 565ef503 authored by dcashman, committed by Mark Salyzyn

mm: mmap: Add new /proc tunable for mmap_base ASLR.



ASLR currently only uses 8 bits to generate the random offset for the
mmap base address on 32 bit architectures. This value was chosen to
prevent a poorly chosen value from dividing the address space in such
a way as to prevent large allocations. This may not be an issue on all
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.

BUG=24047224
Signed-off-by: Daniel Cashman <dcashman@google.com>
Change-Id: I0aa8f1e416fec848b6817ab861610d8f0eb3beb8
parent 70f767ae
+14 −0
@@ -41,6 +41,7 @@ show up in /proc/sys/kernel:
- kptr_restrict
- kstack_depth_to_print       [ X86 only ]
- l2cr                        [ PPC only ]
- mmap_rnd_bits
- modprobe                    ==> Documentation/debugging-modules.txt
- modules_disabled
- msg_next_id		      [ sysv ipc ]
@@ -386,6 +387,19 @@ This flag controls the L2 cache of G3 processor boards. If

==============================================================

mmap_rnd_bits:

This value can be used to select the number of bits to use to
determine the random offset to the base address of vma regions
resulting from mmap allocations on architectures which support
tuning address space randomization.  This value will be bounded
by the architecture's minimum and maximum supported values.

This value can be changed after boot using the
/proc/sys/kernel/mmap_rnd_bits tunable

==============================================================

modules_disabled:

A toggle value indicating if modules are allowed to be loaded
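Review bot: the new mmap_rnd_bits entry says the value is "bounded by the architecture's minimum and maximum supported values" but gives a reader no way to learn those bounds or the default, and it does not mention that the file exists only when CONFIG_ARCH_MMAP_RND_BITS is set (the guard used in the other hunks). Suggest stating those points, saying whether a write affects only address spaces created afterwards or also running processes, and ending the last sentence ("/proc/sys/kernel/mmap_rnd_bits tunable") with a period.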
+6 −0
@@ -48,6 +48,12 @@ extern int sysctl_legacy_va_layout;
#define sysctl_legacy_va_layout 0
#endif

#ifdef CONFIG_ARCH_MMAP_RND_BITS
extern int mmap_rnd_bits_min;
extern int mmap_rnd_bits_max;
extern int mmap_rnd_bits;
#endif

#include <asm/page.h>
#include <asm/pgtable.h>
#include <asm/processor.h>
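Review bot: mmap_rnd_bits_min and mmap_rnd_bits_max are declared as plain writable int, although the sysctl entry uses them only as fixed bounds through .extra1 and .extra2. Suggest declaring them const (with a cast where they are assigned to .extra1/.extra2) so the limits cannot be altered at run time, and consider __read_mostly on mmap_rnd_bits. The hunks shown here only declare the three symbols, so the definitions and the Kconfig entry for CONFIG_ARCH_MMAP_RND_BITS need to arrive in the same series, otherwise a build with the option enabled will not link.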
+11 −0
@@ -1105,6 +1105,17 @@ static struct ctl_table kern_table[] = {
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
#endif
#ifdef CONFIG_ARCH_MMAP_RND_BITS
	{
		.procname	= "mmap_rnd_bits",
		.data		= &mmap_rnd_bits,
		.maxlen		= sizeof(mmap_rnd_bits),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= &mmap_rnd_bits_min,
		.extra2		= &mmap_rnd_bits_max,
	},
#endif
	{ }
};
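Review bot: .mode = 0644 on the mmap_rnd_bits entry lets any unprivileged user read how many bits of randomness are in use, which weakens the protection the tunable is meant to strengthen. Suggest 0600 unless a non-root reader is known to need it. Also, proc_dointvec_minmax enforces mmap_rnd_bits_min and mmap_rnd_bits_max only on writes, so the initial value of mmap_rnd_bits has to be set inside that range where it is defined; a comment here or a build-time check at the definition would make that explicit.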