Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755542AbcKYUAd (ORCPT ); Fri, 25 Nov 2016 15:00:33 -0500 Received: from mail-io0-f174.google.com ([209.85.223.174]:33686 "EHLO mail-io0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754333AbcKYUA2 (ORCPT ); Fri, 25 Nov 2016 15:00:28 -0500 MIME-Version: 1.0 In-Reply-To: <1480008765-3876-1-git-send-email-matt.redfearn@imgtec.com> References: <1480008765-3876-1-git-send-email-matt.redfearn@imgtec.com> From: Kees Cook Date: Fri, 25 Nov 2016 12:00:26 -0800 X-Google-Sender-Auth: -2vu7ubIZuPnFDpqHyB3pzZPNts Message-ID: Subject: Re: [PATCH] MIPS: Add support for ARCH_MMAP_RND_{COMPAT_}BITS To: Matt Redfearn Cc: Ralf Baechle , Linux MIPS Mailing List , "kernel-hardening@lists.openwall.com" , Paul Gortmaker , LKML , Daniel Cashman , Andrew Morton Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2806 Lines: 94 On Thu, Nov 24, 2016 at 9:32 AM, Matt Redfearn wrote: > arch_mmap_rnd() uses hard-coded limits of 16MB for the randomisation > of mmap within 32bit processes and 256MB in 64bit processes. Since v4.4 > other arches support tuning this value in /proc/sys/vm/mmap_rnd_bits. > Add support for this to MIPS. > > Set the minimum(default) number of bits randomisation for 32bit to 8 - > which with 4k pagesize is unchanged from the current 16MB total > randomness. The minimum(default) for 64bit is 12bits, again with 4k > pagesize this is the same as the current 256MB. > > This patch is necessary for MIPS32 to pass the Android CTS tests, with > the number of random bits set to 15. > > Signed-off-by: Matt Redfearn > --- > > arch/mips/Kconfig | 16 ++++++++++++++++ > arch/mips/mm/mmap.c | 10 +++++----- > 2 files changed, 21 insertions(+), 5 deletions(-) > > diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig > index b3c5bde43d34..d72cf6129b2c 100644 > --- a/arch/mips/Kconfig > +++ b/arch/mips/Kconfig > @@ -13,6 +13,8 @@ config MIPS > select HAVE_PERF_EVENTS > select PERF_USE_VMALLOC > select HAVE_ARCH_KGDB > + select HAVE_ARCH_MMAP_RND_BITS if MMU > + select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT > select HAVE_ARCH_SECCOMP_FILTER > select HAVE_ARCH_TRACEHOOK > select HAVE_CBPF_JIT if !CPU_MICROMIPS > @@ -3073,6 +3075,20 @@ config MMU > bool > default y > > +config ARCH_MMAP_RND_BITS_MIN > + default 12 if 64BIT > + default 8 > + > +config ARCH_MMAP_RND_BITS_MAX > + default 18 if 64BIT > + default 15 > + > +config ARCH_MMAP_RND_COMPAT_BITS_MIN > + default 8 > + > +config ARCH_MMAP_RND_COMPAT_BITS_MAX > + default 15 > + > config I8253 > bool > select CLKSRC_I8253 > diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c > index d08ea3ff0f53..d6d92c02308d 100644 > --- a/arch/mips/mm/mmap.c > +++ b/arch/mips/mm/mmap.c > @@ -146,14 +146,14 @@ unsigned long arch_mmap_rnd(void) > { > unsigned long rnd; > > - rnd = get_random_long(); > - rnd <<= PAGE_SHIFT; > +#ifdef CONFIG_COMPAT > if (TASK_IS_32BIT_ADDR) > - rnd &= 0xfffffful; > + rnd = get_random_long() & ((1UL << mmap_rnd_compat_bits) - 1); > else > - rnd &= 0xffffffful; > +#endif /* CONFIG_COMPAT */ > + rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1); > > - return rnd; > + return rnd << PAGE_SHIFT; > } > > void arch_pick_mmap_layout(struct mm_struct *mm) > -- > 2.7.4 > Excellent! Reviewed-by: Kees Cook Out of curiosity, how were the maxs of 15 and 18 chosen? -Kees -- Kees Cook Nexus Security