| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <26f0c73a-3a81-4ba6-2b6f-c5ca73ea866b@gmail.com>
Date: Wed, 9 Dec 2020 21:08:23 +0200
From: Topi Miettinen <toiwoton@...il.com>
To: Mike Rapoport <rppt@...nel.org>
Cc: linux-hardening@...r.kernel.org, akpm@...ux-foundation.org,
linux-mm@...ck.org, linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...nel.org>,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Linux API <linux-api@...r.kernel.org>,
Matthew Wilcox <willy@...radead.org>
Subject: Re: [PATCH] mm/vmalloc: randomize vmalloc() allocations
On 3.12.2020 8.58, Mike Rapoport wrote:
> On Wed, Dec 02, 2020 at 08:49:06PM +0200, Topi Miettinen wrote:
>> On 1.12.2020 23.45, Topi Miettinen wrote:
>>> Memory mappings inside kernel allocated with vmalloc() are in
>>> predictable order and packed tightly toward the low addresses. With
>>> new kernel boot parameter 'randomize_vmalloc=1', the entire area is
>>> used randomly to make the allocations less predictable and harder to
>>> guess for attackers.
>>>
>>
>> This also seems to randomize module addresses. I was going to check that
>> next, so nice surprise!
>
> Heh, that's because module_alloc() uses vmalloc() in that way or another :)
The modules are still allocated from their small (1.5GB) separate area
instead of the much larger (32TB/12.5PB) vmalloc area, which would
greatly improve ASLR for the modules. To fix that, I tried to to #define
MODULES_VADDR to VMALLOC_START etc. like x86_32 does, but then kernel
dies very early without even any output.
-Topi
Powered by blists - more mailing lists