| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Jul 2006 03:46:39 -0400
From: Chuck Ebbert <76306.1226@...puserve.com>
To: Andi Kleen <ak@...e.de>
Cc: Linus Torvalds <torvalds@...l.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Ingo Molnar <mingo@...e.hu>,
Arjan van de Ven <arjan@...radead.org>
Subject: [PATCH for 2.6.18rc2] [1/7] i386/x86-64: Don't randomize
stack top when...
In-Reply-To: <44c514a8.6HlRR82y133O2bd0%ak@...e.de>
On Mon, 24 Jul 2006 20:42:48 +0200, Andi Kleen wrote:
>
> --- linux.orig/arch/i386/kernel/process.c
> +++ linux/arch/i386/kernel/process.c
> @@ -37,6 +37,7 @@
> #include <linux/kallsyms.h>
> #include <linux/ptrace.h>
> #include <linux/random.h>
> +#include <linux/personality.h>
>
> #include <asm/uaccess.h>
> #include <asm/pgtable.h>
> @@ -905,7 +906,7 @@ asmlinkage int sys_get_thread_area(struc
>
> unsigned long arch_align_stack(unsigned long sp)
> {
> - if (randomize_va_space)
> + if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
> sp -= get_random_int() % 8192;
> return sp & ~0xf;
> }
I think this needs to be done always, at least on P4. It really isn't
'randomization' at the same high level as the rest -- more like a small
adjustment. And the offset should be a multiple of 128 and < 7K (not
8K.) Something like this:
unsigned int r = get_random_int();
sp &= ~0x7f;
sp -= 128 * ((r % 32) + (r / 32 % 16));
return sp;
--
Chuck
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists