From: Kees Cook
To: Jiri Kosina
Cc: Kees Cook, Geert Uytterhoeven, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Peter Zijlstra, Qi Zheng, Alexandre Ghiti, Al Viro, Christian Brauner, Jan Kara, Eric Biederman, Christophe Leroy, Josh Poimboeuf, "Kirill A. Shutemov", Rick Edgecombe, Brian Gerst, Bjorn Helgaas, Tony Battersby, linux-kernel@vger.kernel.org, y0un9n132@gmail.com, x86@kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: [PATCH 0/2] Adjust brk randomness
Date: Fri, 16 Feb 2024 22:25:42 -0800
Message-Id: <20240217062035.work.493-kees@kernel.org>

Hi,

It was recently pointed out[1] that x86_64 brk entropy was not great, and that on all architectures the brk can (when the random offset is 0) be immediately adjacent to .bss, leaving no gap that could stop linear overflows from the .bss. Address both issues.

-Kees

Link: https://lore.kernel.org/linux-hardening/CA+2EKTVLvc8hDZc+2Yhwmus=dzOUG5E4gV7ayCbu0MPJTZzWkw@mail.gmail.com [1]

Kees Cook (2):
  x86: Increase brk randomness entropy on x86_64
  binfmt_elf: Leave a gap between .bss and brk

 arch/x86/kernel/process.c | 5 ++++-
 fs/binfmt_elf.c           | 3 +++
 2 files changed, 7 insertions(+), 1 deletion(-)

-- 
2.34.1
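
One way to observe both properties the cover letter describes, the distance from .bss to the initial brk and how widely that distance varies between executions, from userspace. This is an added example, not code from the patch series or from the author; it assumes Linux with /proc mounted and the linker-provided `end` symbol, and the helper names `bss_brk_gap` and `spread_bits`, the `--child` argument and the sample count are hypothetical.

```c
#define _DEFAULT_SOURCE            /* sbrk(), readlink(), popen() */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

extern char end;                   /* linker symbol: first byte past .bss */

/* Bytes from the end of .bss to the program break; call before malloc(). */
long bss_brk_gap(void)
{
    return (long)((uintptr_t)sbrk(0) - (uintptr_t)&end);
}

/* floor(log2(pages spanned by [lo, hi])): rough bits of observed spread. */
int spread_bits(long lo, long hi, long page)
{
    int bits = 0;
    for (long pages = (hi - lo) / page; pages > 1; pages >>= 1)
        bits++;
    return bits;
}

int main(int argc, char **argv)
{
    if (argc > 1 && strcmp(argv[1], "--child") == 0) {
        printf("%ld\n", bss_brk_gap());   /* one sample per exec */
        return 0;
    }
    char self[4096], cmd[4200];
    ssize_t n = readlink("/proc/self/exe", self, sizeof(self) - 1);
    if (n < 0) { perror("readlink"); return 1; }
    self[n] = '\0';
    snprintf(cmd, sizeof(cmd), "'%s' --child", self);

    long page = sysconf(_SC_PAGESIZE), lo = 0, hi = 0, gap;
    int runs = 200, adjacent = 0;         /* sample count is arbitrary */
    for (int i = 0; i < runs; i++) {
        FILE *p = popen(cmd, "r");
        if (!p || fscanf(p, "%ld", &gap) != 1) { fputs("sample failed\n", stderr); return 1; }
        pclose(p);
        if (i == 0 || gap < lo) lo = gap;
        if (i == 0 || gap > hi) hi = gap;
        if (gap < page) adjacent++;       /* brk in the page right after .bss */
    }
    printf("gap min=%ld max=%ld bytes, ~%d bits of spread, %d/%d runs adjacent\n",
           lo, hi, spread_bits(lo, hi, page), adjacent, runs);
    return 0;
}
```

The spread is an estimate from a finite sample, so it can only understate the range the kernel draws from; comparing the output before and after a kernel change shows whether the minimum gap and the spread moved.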