Subject: Re: [PATCH] Undo some of the pseudo-security madness
From: Arjan van de Ven <arjan@infradead.org>
To: Samium Gromoff <_deepfire@feelingofgreen.ru>
Cc: Pavel Machek <pavel@ucw.cz>, Valdis.Kletnieks@vt.edu,
       David Wagner <daw@cs.berkeley.edu>, linux-kernel@vger.kernel.org
In-Reply-To: <87mz4996wg.wl@betelheise.deep.net>
References: <87r6toufpp.wl@betelheise.deep.net>
	 <200701221520.l0MFKLdK032645@turing-police.cc.vt.edu>
	 <871wlnq7ue.wl@betelheise.deep.net> <20070123084805.GB5560@ucw.cz>
	 <87mz4996wg.wl@betelheise.deep.net>
Content-Type: text/plain
Organization: Intel International BV
Date: Wed, 31 Jan 2007 17:59:48 +0800
Message-Id: <1170237588.2865.2.camel@laptopd505.fenrus.org>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1057
Lines: 24


> No amount of carefulness will prevent vendors stick arbitrarily
> damaging values of stack and mmap base randomisation, severely reducing
> the usefullness of MAP_FIXED.

MAP_FIXED is useful still. The only safe way is to use addresses you got
from mmap(), eg you overmap something.
Anything else is madness, with or without randomization. The C library
for example is free, and does, allocate memory and stacks etc etc.

Same for many other libraries; in addition libraries change in size all
the time... MAP_FIXED of an address you don't KNOW is free is a bug.
Period.
(using an address previously obtained from mmap() is safest, but you
could in theory also parse /proc/self/maps, although that is racey,
since nothing guarantees that the C library didn't spawn a background
thread that allocates memory)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/