lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <26f0c73a-3a81-4ba6-2b6f-c5ca73ea866b@gmail.com> Date: Wed, 9 Dec 2020 21:08:23 +0200 From: Topi Miettinen <toiwoton@...il.com> To: Mike Rapoport <rppt@...nel.org> Cc: linux-hardening@...r.kernel.org, akpm@...ux-foundation.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org, Andy Lutomirski <luto@...nel.org>, Jann Horn <jannh@...gle.com>, Kees Cook <keescook@...omium.org>, Linux API <linux-api@...r.kernel.org>, Matthew Wilcox <willy@...radead.org> Subject: Re: [PATCH] mm/vmalloc: randomize vmalloc() allocations On 3.12.2020 8.58, Mike Rapoport wrote: > On Wed, Dec 02, 2020 at 08:49:06PM +0200, Topi Miettinen wrote: >> On 1.12.2020 23.45, Topi Miettinen wrote: >>> Memory mappings inside kernel allocated with vmalloc() are in >>> predictable order and packed tightly toward the low addresses. With >>> new kernel boot parameter 'randomize_vmalloc=1', the entire area is >>> used randomly to make the allocations less predictable and harder to >>> guess for attackers. >>> >> >> This also seems to randomize module addresses. I was going to check that >> next, so nice surprise! > > Heh, that's because module_alloc() uses vmalloc() in that way or another :) The modules are still allocated from their small (1.5GB) separate area instead of the much larger (32TB/12.5PB) vmalloc area, which would greatly improve ASLR for the modules. To fix that, I tried to to #define MODULES_VADDR to VMALLOC_START etc. like x86_32 does, but then kernel dies very early without even any output. -Topi
Powered by blists - more mailing lists