lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1291119324.2904.51.camel@edumazet-laptop>
Date:	Tue, 30 Nov 2010 13:15:24 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Victor van der Veen <vvdveen@...il.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: When was ASLR introduced in the Linux kernel?

Le mardi 30 novembre 2010 à 12:47 +0100, Victor van der Veen a écrit :
> Hi,
> 
> - When was ASLR introduced in the Linux kernel (not PaX/ExecShield)? 
> - When was ASLR enabled by default? 
> - What's the current state of ASLR in the Linux kernel? Is it still
> under development? Or should we rely on the PaX/ExecShield patches?
> 
> Wikipedia states that "a weak form of ASLR exists in the linux kernel
> since version 2.6.12 (June 2005)", but I could not find any proof that
> backs this up. I grepped changelogs of the entire 2.6 kernel, but I was
> unable to find any relevant information. Grepping the source code did
> not help either. Any more Google results all quote the same wikipedia
> line. 
> 

randomize-va-space:

echo  val >/proc/sys/kernel/randomize_va_space


vi +391 Documentation/sysctl/kernel.txt

This option can be used to select the type of process address
space randomization that is used in the system, for architectures
that support this feature.

0 - Turn the process address space randomization off.  This is the
    default for architectures that do not support this feature anyways,
    and kernels that are booted with the "norandmaps" parameter.

1 - Make the addresses of mmap base, stack and VDSO page randomized.
    This, among other things, implies that shared libraries will be
    loaded to random addresses.  Also for PIE-linked binaries, the
    location of code start is randomized.  This is the default if the
    CONFIG_COMPAT_BRK option is enabled.

2 - Additionally enable heap randomization.  This is the default if
    CONFIG_COMPAT_BRK is disabled.

    There are a few legacy applications out there (such as some ancient
    versions of libc.so.5 from 1996) that assume that brk area starts
    just after the end of the code+bss.  These applications break when
    start of the brk area is randomized.  There are however no known
    non-legacy applications that would be broken this way, so for most
    systems it is safe to choose full randomization.

    Systems with ancient and/or broken binaries should be configured
    with CONFIG_COMPAT_BRK enabled, which excludes the heap from process
    address space randomization.



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ