Documentation/admin-guide/kernel-parameters.txt says:
norandmaps Don't use address space randomization. Equivalent
to echo 0 > /proc/sys/kernel/randomize_va_space
but it doesn't work because arch_rnd() which is used to randomize
mm->mmap_base returns a random value unconditionally.
Shift the PF_RANDOMIZE check from arch_mmap_rnd() to arch_rnd().
Fixes: 1b028f784e8c ("x86/mm: Introduce mmap_compat_base() for 32-bit mmap()")
Signed-off-by: Oleg Nesterov <[email protected]>
---
arch/x86/mm/mmap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
index 19ad095..6369d04 100644
--- a/arch/x86/mm/mmap.c
+++ b/arch/x86/mm/mmap.c
@@ -82,13 +82,13 @@ static int mmap_is_legacy(void)
static unsigned long arch_rnd(unsigned int rndbits)
{
+ if (!(current->flags & PF_RANDOMIZE))
+ return 0;
return (get_random_long() & ((1UL << rndbits) - 1)) << PAGE_SHIFT;
}
unsigned long arch_mmap_rnd(void)
{
- if (!(current->flags & PF_RANDOMIZE))
- return 0;
return arch_rnd(mmap_is_ia32() ? mmap32_rnd_bits : mmap64_rnd_bits);
}
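Review bot: arch_rnd() becomes the single gate that honours PF_RANDOMIZE for the mmap base, but nothing at the function tells a future caller that it must return 0 when randomization is off. Judging by the Fixes: tag, the regression appears to have come from a new arch_rnd() user that bypassed the check in arch_mmap_rnd(), so the contract is worth stating where it now lives. I would add a comment above the new check, e.g. `/* ASLR disabled (norandmaps, ADDR_NO_RANDOMIZE): every caller must get 0 */`. A selftest asserting that the mmap base is identical across two execs under norandmaps would keep this from silently regressing again.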
--
2.5.0
PF_RANDOMIZE is set by load_elf_binary() only if ADDR_NO_RANDOMIZE is not
set, no need to re-check after that.
Signed-off-by: Oleg Nesterov <[email protected]>
---
arch/x86/mm/mmap.c | 3 +--
fs/binfmt_elf.c | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
index 6369d04..81db3e9 100644
--- a/arch/x86/mm/mmap.c
+++ b/arch/x86/mm/mmap.c
@@ -50,8 +50,7 @@ unsigned long tasksize_64bit(void)
static unsigned long stack_maxrandom_size(unsigned long task_size)
{
unsigned long max = 0;
- if ((current->flags & PF_RANDOMIZE) &&
- !(current->personality & ADDR_NO_RANDOMIZE)) {
+ if (current->flags & PF_RANDOMIZE) {
max = (-1UL) & __STACK_RND_MASK(task_size == tasksize_32bit());
max <<= PAGE_SHIFT;
}
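Review bot: Dropping the `ADDR_NO_RANDOMIZE` test leaves this check correct only while PF_RANDOMIZE is never set for a task whose personality carries ADDR_NO_RANDOMIZE. The commit message attributes that invariant to load_elf_binary(), and it cannot be confirmed from this hunk. The same simplification is made in randomize_stack_top() in fs/binfmt_elf.c. I would record the invariant at one of the two sites, for example `/* PF_RANDOMIZE is only set at exec time when ADDR_NO_RANDOMIZE is clear */`, so that any later path which sets PF_RANDOMIZE elsewhere gets reviewed against it. Both function bodies continue past the end of their hunks.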
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 5075fd5..569c82e 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -666,8 +666,7 @@ static unsigned long randomize_stack_top(unsigned long stack_top)
{
unsigned long random_variable = 0;
- if ((current->flags & PF_RANDOMIZE) &&
- !(current->personality & ADDR_NO_RANDOMIZE)) {
+ if (current->flags & PF_RANDOMIZE) {
random_variable = get_random_long();
random_variable &= STACK_RND_MASK;
random_variable <<= PAGE_SHIFT;
--
2.5.0
On 07/10/2017 02:14 PM, Oleg Nesterov wrote:
> Documentation/admin-guide/kernel-parameters.txt says:
>
> norandmaps Don't use address space randomization. Equivalent
> to echo 0 > /proc/sys/kernel/randomize_va_space
>
> but it doesn't work because arch_rnd() which is used to randomize
> mm->mmap_base returns a random value unconditionally.
>
> Shift the PF_RANDOMIZE check from arch_mmap_rnd() to arch_rnd().
>
> Fixes: 1b028f784e8c ("x86/mm: Introduce mmap_compat_base() for 32-bit mmap()")
> Signed-off-by: Oleg Nesterov <[email protected]>
Thanks, Oleg,
Reviewed-by: Dmitry Safonov <[email protected]>
> ---
> arch/x86/mm/mmap.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
> index 19ad095..6369d04 100644
> --- a/arch/x86/mm/mmap.c
> +++ b/arch/x86/mm/mmap.c
> @@ -82,13 +82,13 @@ static int mmap_is_legacy(void)
>
> static unsigned long arch_rnd(unsigned int rndbits)
> {
> + if (!(current->flags & PF_RANDOMIZE))
> + return 0;
> return (get_random_long() & ((1UL << rndbits) - 1)) << PAGE_SHIFT;
> }
>
> unsigned long arch_mmap_rnd(void)
> {
> - if (!(current->flags & PF_RANDOMIZE))
> - return 0;
> return arch_rnd(mmap_is_ia32() ? mmap32_rnd_bits : mmap64_rnd_bits);
> }
>
>
--
Dmitry
On 07/10/2017 02:14 PM, Oleg Nesterov wrote:
> PF_RANDOMIZE is set by load_elf_binary() only if ADDR_NO_RANDOMIZE is not
> set, no need to re-check after that.
>
> Signed-off-by: Oleg Nesterov <[email protected]>
Reviewed-by: Dmitry Safonov <[email protected]>
> ---
> arch/x86/mm/mmap.c | 3 +--
> fs/binfmt_elf.c | 3 +--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
> index 6369d04..81db3e9 100644
> --- a/arch/x86/mm/mmap.c
> +++ b/arch/x86/mm/mmap.c
> @@ -50,8 +50,7 @@ unsigned long tasksize_64bit(void)
> static unsigned long stack_maxrandom_size(unsigned long task_size)
> {
> unsigned long max = 0;
> - if ((current->flags & PF_RANDOMIZE) &&
> - !(current->personality & ADDR_NO_RANDOMIZE)) {
> + if (current->flags & PF_RANDOMIZE) {
> max = (-1UL) & __STACK_RND_MASK(task_size == tasksize_32bit());
> max <<= PAGE_SHIFT;
> }
> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> index 5075fd5..569c82e 100644
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -666,8 +666,7 @@ static unsigned long randomize_stack_top(unsigned long stack_top)
> {
> unsigned long random_variable = 0;
>
> - if ((current->flags & PF_RANDOMIZE) &&
> - !(current->personality & ADDR_NO_RANDOMIZE)) {
> + if (current->flags & PF_RANDOMIZE) {
> random_variable = get_random_long();
> random_variable &= STACK_RND_MASK;
> random_variable <<= PAGE_SHIFT;
>
--
Dmitry
ping ;)
On 07/10, Oleg Nesterov wrote:
>
> Documentation/admin-guide/kernel-parameters.txt says:
>
> norandmaps Don't use address space randomization. Equivalent
> to echo 0 > /proc/sys/kernel/randomize_va_space
>
> but it doesn't work because arch_rnd() which is used to randomize
> mm->mmap_base returns a random value unconditionally.
>
> Shift the PF_RANDOMIZE check from arch_mmap_rnd() to arch_rnd().
>
> Fixes: 1b028f784e8c ("x86/mm: Introduce mmap_compat_base() for 32-bit mmap()")
> Signed-off-by: Oleg Nesterov <[email protected]>
> ---
> arch/x86/mm/mmap.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
> index 19ad095..6369d04 100644
> --- a/arch/x86/mm/mmap.c
> +++ b/arch/x86/mm/mmap.c
> @@ -82,13 +82,13 @@ static int mmap_is_legacy(void)
>
> static unsigned long arch_rnd(unsigned int rndbits)
> {
> + if (!(current->flags & PF_RANDOMIZE))
> + return 0;
> return (get_random_long() & ((1UL << rndbits) - 1)) << PAGE_SHIFT;
> }
>
> unsigned long arch_mmap_rnd(void)
> {
> - if (!(current->flags & PF_RANDOMIZE))
> - return 0;
> return arch_rnd(mmap_is_ia32() ? mmap32_rnd_bits : mmap64_rnd_bits);
> }
>
> --
> 2.5.0
>
On Mon, Jul 10, 2017 at 01:14:29PM +0200, Oleg Nesterov wrote:
> Documentation/admin-guide/kernel-parameters.txt says:
>
> norandmaps Don't use address space randomization. Equivalent
> to echo 0 > /proc/sys/kernel/randomize_va_space
>
> but it doesn't work because arch_rnd() which is used to randomize
> mm->mmap_base returns a random value unconditionally.
>
> Shift the PF_RANDOMIZE check from arch_mmap_rnd() to arch_rnd().
>
> Fixes: 1b028f784e8c ("x86/mm: Introduce mmap_compat_base() for 32-bit mmap()")
> Signed-off-by: Oleg Nesterov <[email protected]>
It also fixes personality(ADDR_NO_RANDOMIZE).
Acked-by: Kirill A. Shutemov <[email protected]>
--
Kirill A. Shutemov
On Mon, Aug 14, 2017 at 06:43:10PM +0200, Oleg Nesterov wrote:
> > Acked-by: Kirill A. Shutemov <[email protected]>
>
> OK, thanks Kirill and Cyrill, I'll resend tomorrow with all acks I got.
I don't think you need my ack but if any
Acked-by: Cyrill Gorcunov <[email protected]>
On 08/14, Kirill A. Shutemov wrote:
>
> On Mon, Jul 10, 2017 at 01:14:29PM +0200, Oleg Nesterov wrote:
> > Documentation/admin-guide/kernel-parameters.txt says:
> >
> > norandmaps Don't use address space randomization. Equivalent
> > to echo 0 > /proc/sys/kernel/randomize_va_space
> >
> > but it doesn't work because arch_rnd() which is used to randomize
> > mm->mmap_base returns a random value unconditionally.
> >
> > Shift the PF_RANDOMIZE check from arch_mmap_rnd() to arch_rnd().
> >
> > Fixes: 1b028f784e8c ("x86/mm: Introduce mmap_compat_base() for 32-bit mmap()")
> > Signed-off-by: Oleg Nesterov <[email protected]>
>
> It also fixes personality(ADDR_NO_RANDOMIZE).
Yes, good point.
> Acked-by: Kirill A. Shutemov <[email protected]>
OK, thanks Kirill and Cyrill, I'll resend tomorrow with all acks I got.
Oleg.