mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-08-22 17:01:14 +00:00
fbbc400f39
To address the "offset2lib" ASLR weakness[1], this separates ET_DYN ASLR from mmap ASLR, as already done on s390. The architectures that are already randomizing mmap (arm, arm64, mips, powerpc, s390, and x86), have their various forms of arch_mmap_rnd() made available via the new CONFIG_ARCH_HAS_ELF_RANDOMIZE. For these architectures, arch_randomize_brk() is collapsed as well. This is an alternative to the solutions in: https://lkml.org/lkml/2015/2/23/442 I've been able to test x86 and arm, and the buildbot (so far) seems happy with building the rest. [1] http://cybersecurity.upv.es/attacks/offset2lib/offset2lib.html This patch (of 10): In preparation for splitting out ET_DYN ASLR, this moves the ASLR calculations for mmap on ARM into a separate routine, similar to x86. This also removes the redundant check of personality (PF_RANDOMIZE is already set before calling arch_pick_mmap_layout). Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Hector Marco-Gisbert <hecmargi@upv.es> Cc: Russell King <linux@arm.linux.org.uk> Reviewed-by: Ingo Molnar <mingo@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: "David A. Long" <dave.long@linaro.org> Cc: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Arun Chandran <achandran@mvista.com> Cc: Yann Droneaud <ydroneaud@opteya.com> Cc: Min-Hua Chen <orca.chen@gmail.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Alex Smith <alex@alex-smith.me.uk> Cc: Markos Chandras <markos.chandras@imgtec.com> Cc: Vineeth Vijayan <vvijayan@mvista.com> Cc: Jeff Bailey <jeffbailey@google.com> Cc: Michael Holzheu <holzheu@linux.vnet.ibm.com> Cc: Ben Hutchings <ben@decadent.org.uk> Cc: Behan Webster <behanw@converseincode.com> Cc: Ismael Ripoll <iripoll@upv.es> Cc: Jan-Simon Mller <dl9pf@gmx.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|---|---|---|
| .. | ||
| boot | ||
| common | ||
| configs | ||
| crypto | ||
| firmware | ||
| include | ||
| kernel | ||
| kvm | ||
| lib | ||
| mach-asm9260 | ||
| mach-at91 | ||
| mach-axxia | ||
| mach-bcm | ||
| mach-berlin | ||
| mach-clps711x | ||
| mach-cns3xxx | ||
| mach-davinci | ||
| mach-digicolor | ||
| mach-dove | ||
| mach-ebsa110 | ||
| mach-efm32 | ||
| mach-ep93xx | ||
| mach-exynos | ||
| mach-footbridge | ||
| mach-gemini | ||
| mach-highbank | ||
| mach-hisi | ||
| mach-imx | ||
| mach-integrator | ||
| mach-iop13xx | ||
| mach-iop32x | ||
| mach-iop33x | ||
| mach-ixp4xx | ||
| mach-keystone | ||
| mach-ks8695 | ||
| mach-lpc32xx | ||
| mach-mediatek | ||
| mach-meson | ||
| mach-mmp | ||
| mach-moxart | ||
| mach-msm | ||
| mach-mv78xx0 | ||
| mach-mvebu | ||
| mach-mxs | ||
| mach-netx | ||
| mach-nomadik | ||
| mach-nspire | ||
| mach-omap1 | ||
| mach-omap2 | ||
| mach-orion5x | ||
| mach-picoxcell | ||
| mach-prima2 | ||
| mach-pxa | ||
| mach-qcom | ||
| mach-realview | ||
| mach-rockchip | ||
| mach-rpc | ||
| mach-s3c24xx | ||
| mach-s3c64xx | ||
| mach-s5pv210 | ||
| mach-sa1100 | ||
| mach-shmobile | ||
| mach-socfpga | ||
| mach-spear | ||
| mach-sti | ||
| mach-sunxi | ||
| mach-tegra | ||
| mach-u300 | ||
| mach-ux500 | ||
| mach-versatile | ||
| mach-vexpress | ||
| mach-vt8500 | ||
| mach-w90x900 | ||
| mach-zynq | ||
| mm | ||
| net | ||
| nwfpe | ||
| oprofile | ||
| plat-iop | ||
| plat-omap | ||
| plat-orion | ||
| plat-pxa | ||
| plat-samsung | ||
| plat-versatile | ||
| probes | ||
| tools | ||
| vfp | ||
| xen | ||
| Kconfig | ||
| Kconfig-nommu | ||
| Kconfig.debug | ||
| Makefile | ||