linux-stable/arch/x86/kernel
Kees Cook 03475167fd x86: Increase brk randomness entropy for 64-bit systems
[ Upstream commit 44c76825d6 ]

In commit c1d171a002 ("x86: randomize brk"), arch_randomize_brk() was
defined to use a 32MB range (13 bits of entropy), but was never increased
when moving to 64-bit. The default arch_randomize_brk() uses 32MB for
32-bit tasks, and 1GB (18 bits of entropy) for 64-bit tasks.

Update x86_64 to match the entropy used by arm64 and other 64-bit
architectures.

Reported-by: y0un9n132@gmail.com
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Jiri Kosina <jkosina@suse.com>
Closes: https://lore.kernel.org/linux-hardening/CA+2EKTVLvc8hDZc+2Yhwmus=dzOUG5E4gV7ayCbu0MPJTZzWkw@mail.gmail.com/
Link: https://lore.kernel.org/r/20240217062545.1631668-1-keescook@chromium.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-09-04 13:14:55 +02:00
acpi x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility 2023-11-08 11:23:38 +01:00
apic genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline 2024-06-16 13:28:48 +02:00
cpu x86/mtrr: Check if fixed MTRRs exist before saving them 2024-08-19 05:33:53 +02:00
fpu x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 2023-08-30 16:27:26 +02:00
kprobes x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range 2023-03-11 16:44:02 +01:00
.gitignore
alternative.c x86/alternatives: Disable KASAN in apply_alternatives() 2024-03-01 13:13:35 +01:00
amd_gart_64.c dma-mapping: provide a better default ->get_required_mask 2019-09-04 11:13:19 +02:00
amd_nb.c x86/amd_nb: Check for invalid SMN reads 2024-07-05 09:08:25 +02:00
apb_timer.c
aperture_64.c
apm_32.c x86/APM: drop the duplicate APM_MINOR_DEV macro 2023-09-23 10:59:50 +02:00
asm-offsets.c x86/paravirt: Make read_cr2() CALLEE_SAVE 2019-07-17 23:17:37 +02:00
asm-offsets_32.c
asm-offsets_64.c Merge branch 'x86-apic-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 12:04:39 -07:00
audit_64.c
bootflag.c
check.c
cpuid.c
crash.c x86/crash: Disable virt in core NMI crash handler to avoid double shootdown 2023-03-11 16:44:01 +01:00
crash_dump_32.c
crash_dump_64.c fs/core/vmcore: Move sev_active() reference to x86 arch code 2019-08-09 22:52:10 +10:00
devicetree.c x86/of: Return consistent error type from x86_of_pci_irq_enable() 2024-08-19 05:33:25 +02:00
doublefault.c x86/doublefault/32: Fix stack canaries in the double fault handler 2019-11-29 10:09:51 +01:00
dumpstack.c x86/show_trace_log_lvl: Ensure stack pointer is aligned, again 2023-05-30 12:44:10 +01:00
dumpstack_32.c
dumpstack_64.c x86/dumpstack/64: Don't evaluate exception stacks before setup 2019-11-05 00:51:35 +01:00
e820.c x86/e820: Use proper booleans instead of 0/1 2019-07-16 23:13:49 +02:00
early-quirks.c x86/gpu: Reserve stolen memory for first integrated Intel GPU 2022-01-27 09:19:26 +01:00
early_printk.c
ebda.c
eisa.c
espfix_64.c
ftrace.c The main changes in this release include: 2019-07-18 11:51:00 -07:00
ftrace_32.S x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* 2021-01-17 14:05:30 +01:00
ftrace_64.S x86/stackframe, x86/ftrace: Add pt_regs frame annotations 2019-06-25 10:23:47 +02:00
head32.c
head64.c x86: Clear .brk area at early boot 2022-07-21 20:59:27 +02:00
head_32.S x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* 2021-01-17 14:05:30 +01:00
head_64.S x86/irq/64: Update stale comment 2019-07-22 10:54:27 +02:00
hpet.c x86/hpet: Use another crystalball to evaluate HPET usability 2021-10-13 10:08:21 +02:00
hw_breakpoint.c
i8237.c
i8253.c x86/timer: Skip PIT initialization on modern chipsets 2019-06-29 11:35:35 +02:00
i8259.c x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility 2023-11-08 11:23:38 +01:00
idt.c x86/idt: Keep spurious entries unset in system_vectors 2020-06-24 17:50:43 +02:00
ima_arch.c x86/ima: use correct identifier for SetupMode variable 2020-02-28 17:22:18 +01:00
io_delay.c
ioport.c x86: Lock down IO port access when the kernel is locked down 2019-08-19 21:54:16 -07:00
irq.c x86/irq: Ensure PI wakeup handler is unregistered before module unload 2021-11-17 09:48:19 +01:00
irq_32.c x86/irq: Move IS_ERR_OR_NULL() check into common do_IRQ() code 2019-08-19 23:19:06 +02:00
irq_64.c x86: fix vmap arguments in map_irq_stack 2020-06-22 09:30:57 +02:00
irq_work.c
irqflags.S
irqinit.c x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL 2023-02-06 07:52:47 +01:00
itmt.c proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
jailhouse.c x86: Add "nopv" parameter to disable PV extensions 2019-07-17 08:09:58 +02:00
jump_label.c x86/jump_label: Make tp_vec_nr static 2019-06-25 09:22:14 +02:00
kdebugfs.c Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
kexec-bzimage64.c x86/kexec: Use up-to-dated screen_info copy to fill boot params 2020-11-10 12:37:29 +01:00
kgdb.c x86/apic: Provide and use helper for send_IPI_allbutself() 2019-07-25 16:12:00 +02:00
ksysfs.c
kvm.c x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume 2022-05-12 12:23:47 +02:00
kvmclock.c x86/kvm: Do not try to disable kvmclock if it was not enabled 2024-01-25 14:34:30 -08:00
ldt.c
livepatch.c
machine_kexec_32.c x86/mm: Remove set_pages_x() and set_pages_nx() 2019-09-03 09:26:37 +02:00
machine_kexec_64.c Merge branch 'x86-kdump-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-07-09 11:52:34 -07:00
Makefile Merge branch 'x86-paravirt-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-07-08 17:34:44 -07:00
mmconf-fam10h_64.c
module.c x86/build: Treat R_386_PLT32 relocation as R_386_PC32 2021-03-07 12:20:45 +01:00
mpparse.c x86/boot: Fix memory leak in default_get_smp_config() 2019-07-16 23:13:48 +02:00
msr.c x86/msr: Restrict MSR access when the kernel is locked down 2019-08-19 21:54:16 -07:00
nmi.c x86/nmi: Fix nmi_handle() duration miscalculation 2020-10-29 09:57:30 +01:00
nmi_selftest.c
paravirt-spinlocks.c
paravirt.c x86/paravirt: Drop {read,write}_cr8() hooks 2019-07-22 10:12:33 +02:00
paravirt_patch.c
pci-calgary_64.c dma-mapping: explicitly wire up ->mmap and ->get_sgtable 2019-09-04 11:13:18 +02:00
pci-dma.c x86/dma: Get rid of iommu_pass_through 2019-08-23 10:11:01 +02:00
pci-iommu_table.c
pci-swiotlb.c dma-mapping: fix filename references 2019-09-03 08:36:30 +02:00
pcspeaker.c
perf_regs.c perf/x86/regs: Check reserved bits 2019-06-24 19:19:24 +02:00
platform-quirks.c
pmem.c x86/pmem: Fix platform-device leak in error path 2022-08-25 11:17:33 +02:00
probe_roms.c
process.c x86: Increase brk randomness entropy for 64-bit systems 2024-09-04 13:14:55 +02:00
process.h x86: Use the correct SPDX License Identifier in headers 2019-10-01 20:31:35 +02:00
process_32.c x86/resctl: fix scheduler confusion with 'current' 2023-03-11 16:44:16 +01:00
process_64.c x86/resctl: fix scheduler confusion with 'current' 2023-03-11 16:44:16 +01:00
ptrace.c x86/ptrace: Mark expected switch fall-through 2019-08-07 15:12:01 +02:00
pvclock.c
quirks.c treewide: Remove uninitialized_var() usage 2023-06-09 10:29:01 +02:00
reboot.c x86/reboot: Disable virtualization in an emergency if SVM is supported 2023-03-11 16:44:01 +01:00
reboot_fixups_32.c
relocate_kernel_32.S
relocate_kernel_64.S
resource.c
rtc.c
setup.c ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() 2021-05-07 10:51:37 +02:00
setup_percpu.c
signal.c x86/signal: Detect and prevent an alternate signal stack overflow 2021-07-20 16:10:49 +02:00
signal_compat.c
smp.c x86/reboot: Disable SVM, not just VMX, when stopping CPUs 2023-03-11 16:44:01 +01:00
smpboot.c x86/fpu: Move FPU initialization into arch_cpu_finalize_init() 2023-08-08 19:56:35 +02:00
stacktrace.c x86/stacktrace: Fix reliable check for empty user task stacks 2020-08-05 09:59:51 +02:00
step.c ptrace: Reimplement PTRACE_KILL by always sending SIGKILL 2022-06-14 18:11:24 +02:00
sys_x86_64.c x86/mm: Cleanup the control_va_addr_alignment() __setup handler 2022-06-14 18:11:35 +02:00
sysfb.c
sysfb_efi.c efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L 2023-04-20 12:07:36 +02:00
sysfb_simplefb.c x86/sysfb: Fix check for bad VRAM size 2020-02-24 08:36:29 +01:00
tboot.c iommu/vt-d: Avoid panic if iommu init fails in tboot system 2020-11-24 13:29:17 +01:00
tce_64.c
time.c x86: stop playing stack games in profile_pc() 2024-07-05 09:08:28 +02:00
tls.c x86/tls: Fix possible spectre-v1 in do_get_thread_area() 2019-06-27 23:48:04 +02:00
tls.h
topology.c
trace_clock.c
tracepoint.c
traps.c x86/mm, tracing: Fix CR2 corruption 2019-07-17 23:17:38 +02:00
tsc.c x86/tsc: Disable clocksource watchdog for TSC on qualified platforms 2021-12-08 09:01:14 +01:00
tsc_msr.c x86/tsr: Fix tsc frequency enumeration bug on Lightning Mountain SoC 2020-08-21 13:05:36 +02:00
tsc_sync.c x86/tsc: Trust initial offset in architectural TSC-adjust MSRs 2024-06-16 13:28:30 +02:00
umip.c x86/umip: Add emulation (spoofing) for UMIP covered instructions in 64-bit processes as well 2019-09-10 08:36:16 +02:00
unwind_frame.c x86/stackframe/32: Provide consistent pt_regs 2019-06-25 10:23:47 +02:00
unwind_guess.c
unwind_orc.c x86/unwind/orc: Fix unreliable stack dump with gcov 2022-11-03 23:56:55 +09:00
uprobes.c uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix 2023-01-18 11:40:57 +01:00
verify_cpu.S
vm86_32.c
vmlinux.lds.S x86: Fix .brk attribute in linker script 2023-11-08 11:23:40 +01:00
vsmp_64.c
x86_init.c x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode 2020-02-11 04:35:52 -08:00