| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Feb 2008 17:18:10 +0100 From: Pavel Machek <pavel@....cz> To: Jakub Jelinek <jakub@...hat.com> Cc: Ingo Molnar <mingo@...e.hu>, Jiri Kosina <jkosina@...e.cz>, Andrew Morton <akpm@...l.org>, "Rafael J. Wysocki" <rjw@...k.pl>, kernel list <linux-kernel@...r.kernel.org>, Abel Bernabeu <abel.bernabeu@...il.com>, Hugh Dickins <hugh@...itas.com>, Arjan van de Ven <arjan@...radead.org> Subject: Re: [regression] Re: brk randomization breaks columns On Tue 2008-02-05 08:05:46, Jakub Jelinek wrote: > On Tue, Feb 05, 2008 at 01:54:26PM +0100, Ingo Molnar wrote: > > * Jiri Kosina <jkosina@...e.cz> wrote: > > > > > On Tue, 5 Feb 2008, Pavel Machek wrote: > > > > > > > > Actually, this clearly shows that either prehistoric libc.so.5 or the > > > > > program itself are broken. > > > > I believe it shows clear regression in latest 2.6.25 kernel. > > > > > > I am still not completely sure. It might be a regression, but it also > > > might just trigger the bug in ancient version in libc.so.5 which might > > > be fixed in some later version [...] > > > > which too is a regression ... > > > > really, lets add a sysctl for this, and a .config option that either > > disables or enables it. Then we will default to disabled. (but users can > > enable it - and distros can build their kernels with this .config option > > enabled) > > I don't think kernel should care about programs which are buggy and make invalid > assumptions, and that's the case here. I remember we have been Those "invalid assumptions" crept into documentation. Everybody knew heap starts at the end of bss in 1995. > 5 years ago when brk randomization has been added to Red Hat kernels. There was > one or two broken programs which made assumptions on what brk(0) is supposed > to return at program startup, everything else was ok. That's not the problem. Problem is that programs assume brk(0x12345678) allocates space between end of bss and 0x12345678; which is no longer the case. And actually even http://opengroup.org/onlinepubs/007908775/xsh/brk.html only talks about "ammount of space"... implying begging of that space is well known. Pavel PS: It would be nice to fix linux man pages to say that it brk() moves end of the heap, only, and that any usage of brk() is invalid w/o doing brk(0) before. -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists