Received: by 10.213.65.68 with SMTP id h4csp1036235imn; Thu, 22 Mar 2018 13:55:42 -0700 (PDT) X-Google-Smtp-Source: AG47ELuF3uzdmk777cQBtWpkducZ3yvDHRG3Xw9d3uz9V15EpKojeFg2kpprl7vCSRbLoUtuPN6u X-Received: by 2002:a17:902:3a3:: with SMTP id d32-v6mr27187295pld.219.1521752142541; Thu, 22 Mar 2018 13:55:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521752142; cv=none; d=google.com; s=arc-20160816; b=Svo1Q1yLCUXxNrD27NrOW7Of28gFkIROJaelqKdaXOj8Do6GnB9p3im6c2Oa9GgM92 +MKWXVuZOYxFOZ7+Rje8whuJbNAI1vTmUhS2Cf3kKV1K6F4Jv4iqB1kydDzWW5RdE5q7 ociWBQMRaU8fdzN2idKgIyUroIkSU6JiSEU0wxf4uLdxTXoXd6jfvJmtzYN8BPEQ/CK6 oVYNE+6sXrNK4DUAvhCt53tLZcdpO6CKcc7aL4LVmqjJtqvemuUjrXHtROxzdCBmOu0Q SQAC46hr5lV/6NDfWeY7dFFMcTyWaLdjsPgcI9N3HdP9b7GkZKCMlm/29zG+Xnlbfi2i PQ6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :arc-authentication-results; bh=VWeJdLr7i+Nj8skUBmfNWG7F6i0Qyic239masSq18YU=; b=qnvdg0qe62AlHdyrtJcWLKvW2vL+Sh9DXT1K99bmyzxDIKq6cnfMsisWpIu3GktpbP b4cmr9ArbSXqMVj4EUbonuJgt3Cmh3GHzKSadlQ9vKtmXBJqp4NMOH6qCdCEjr6c7XIx CScA+vKqMNgLiTddHOXKEEAi2M5VviAy5pDebAdwiU8K7LBcohldEyJ4N+BXQiALeDKX psjMInrWRbaVK+yhyIuPdD5g+4QHpiVy/E8OTsPYBKnaPnFF+xvMUT3sAVle3Hz58NBF UTHRzaP51508f6fz3CPChlt3ap+7BZAcLVqRjfHcYH7H7Rc2x+ZhYhCBn1J22DnaZoCr mc6g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 11si3702148pfu.71.2018.03.22.13.55.27; Thu, 22 Mar 2018 13:55:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751761AbeCVUxV (ORCPT + 99 others); Thu, 22 Mar 2018 16:53:21 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:56040 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751291AbeCVUxS (ORCPT ); Thu, 22 Mar 2018 16:53:18 -0400 Received: from akpm3.svl.corp.google.com (unknown [104.133.9.71]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id D23E0102D; Thu, 22 Mar 2018 20:53:15 +0000 (UTC) Date: Thu, 22 Mar 2018 13:53:14 -0700 From: Andrew Morton To: Ilya Smith Cc: rth@twiddle.net, ink@jurassic.park.msu.ru, mattst88@gmail.com, vgupta@synopsys.com, linux@armlinux.org.uk, tony.luck@intel.com, fenghua.yu@intel.com, jhogan@kernel.org, ralf@linux-mips.org, jejb@parisc-linux.org, deller@gmx.de, benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, ysato@users.sourceforge.jp, dalias@libc.org, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, nyc@holomorphy.com, viro@zeniv.linux.org.uk, arnd@arndb.de, gregkh@linuxfoundation.org, deepa.kernel@gmail.com, mhocko@suse.com, hughd@google.com, kstewart@linuxfoundation.org, pombredanne@nexb.com, steve.capper@arm.com, punit.agrawal@arm.com, paul.burton@mips.com, aneesh.kumar@linux.vnet.ibm.com, npiggin@gmail.com, keescook@chromium.org, bhsharma@redhat.com, riel@redhat.com, nitin.m.gupta@oracle.com, kirill.shutemov@linux.intel.com, dan.j.williams@intel.com, jack@suse.cz, ross.zwisler@linux.intel.com, jglisse@redhat.com, willy@infradead.org, aarcange@redhat.com, oleg@redhat.com, linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-snps-arc@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org, linux-metag@vger.kernel.org, linux-mips@linux-mips.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-mm@kvack.org Subject: Re: [RFC PATCH v2 1/2] Randomization of address chosen by mmap. Message-Id: <20180322135314.61efce938293e051e118fa46@linux-foundation.org> In-Reply-To: <1521736598-12812-2-git-send-email-blackzert@gmail.com> References: <1521736598-12812-1-git-send-email-blackzert@gmail.com> <1521736598-12812-2-git-send-email-blackzert@gmail.com> X-Mailer: Sylpheed 3.6.0 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 22 Mar 2018 19:36:37 +0300 Ilya Smith wrote: > include/linux/mm.h | 16 ++++-- > mm/mmap.c | 164 +++++++++++++++++++++++++++++++++++++++++++++++++++++ You'll be wanting to update the documentation. Documentation/sysctl/kernel.txt and Documentation/admin-guide/kernel-parameters.txt. > ... > > @@ -2268,6 +2276,9 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); > static inline unsigned long > vm_unmapped_area(struct vm_unmapped_area_info *info) > { > + /* How about 32 bit process?? */ > + if ((current->flags & PF_RANDOMIZE) && randomize_va_space > 3) > + return unmapped_area_random(info); The handling of randomize_va_space is peculiar. Rather than being a bitfield which independently selects different modes, it is treated as a scalar: the larger the value, the more stuff we randomize. I can see the sense in that (and I wonder what randomize_va_space=5 will do). But it is... odd. Why did you select randomize_va_space=4 for this? Is there a mode 3 already and we forgot to document it? Or did you leave a gap for something? If the former, please feel free to fix the documentation (in a separate, preceding patch) while you're in there ;) > if (info->flags & VM_UNMAPPED_AREA_TOPDOWN) > return unmapped_area_topdown(info); > else > @@ -2529,11 +2540,6 @@ int drop_caches_sysctl_handler(struct ctl_table *, int, > void drop_slab(void); > void drop_slab_node(int nid); > > > ... > > @@ -1780,6 +1781,169 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > return error; > } > > +unsigned long unmapped_area_random(struct vm_unmapped_area_info *info) > +{ This function is just dead code if CONFIG_MMU=n, yes? Let's add the ifdefs to make it go away in that case. > + struct mm_struct *mm = current->mm; > + struct vm_area_struct *vma = NULL; > + struct vm_area_struct *visited_vma = NULL; > + unsigned long entropy[2]; > + unsigned long length, low_limit, high_limit, gap_start, gap_end; > + unsigned long addr = 0; > + > + /* get entropy with prng */ > + prandom_bytes(&entropy, sizeof(entropy)); > + /* small hack to prevent EPERM result */ > + info->low_limit = max(info->low_limit, mmap_min_addr); > + > > ... > > +found: > + /* We found a suitable gap. Clip it with the original high_limit. */ > + if (gap_end > info->high_limit) > + gap_end = info->high_limit; > + gap_end -= info->length; > + gap_end -= (gap_end - info->align_offset) & info->align_mask; > + /* only one suitable page */ > + if (gap_end == gap_start) > + return gap_start; > + addr = entropy[1] % (min((gap_end - gap_start) >> PAGE_SHIFT, > + 0x10000UL)); What does the magic 10000 mean? Isn't a comment needed explaining this? > + addr = gap_end - (addr << PAGE_SHIFT); > + addr += (info->align_offset - addr) & info->align_mask; > + return addr; > +} > > ... >