lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <alpine.LNX.2.00.1312191631590.11852@pobox.suse.cz>
Date:	Thu, 19 Dec 2013 16:33:30 +0100 (CET)
From:	Jiri Kosina <jkosina@...e.cz>
To:	Timo Teras <timo.teras@....fi>
cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC] fs/binfmt_elf: fix memory map for PIE applications

On Thu, 19 Dec 2013, Timo Teras wrote:

> > > As you see, the main executable is mapped 57620000-57708000 and
> > > 57708000-5770a000. Heap follow immediately after that
> > > 5770a000-5770c000 followed by anything mmaped after it (stack or
> > > some other libraries). Heap can grow only up to 5ffdf000 meaning the
> > > application is limited to 140 megs or so in this instance. This
> > > limit can go much lower depending how the randomization went. And
> > > even 140 megs is very little for big apps.
> > 
> > So what is the real problem again (i.e. the actual symptoms), please?
> > Is it that your userspace memory allocator doesn't use mmap() for
> > allocations at all?
> 
> Random application failures with uclibc and musl c-libraries. Both seem
> to use mmap() for large allocations, and brk() for small ones. IIRC,
> there was also some minor breakage with other applications that use
> brk() to do some self-accounting / other funny stuff.

Hmm, that's really unfortunate. Applications really should be prepared for 
failing brk(), as there is no guarantee provided by anyobody whatsoever 
about the space allocated for the program break.

Heck, even my manpage tells me:

"Avoid using brk() and sbrk(): the malloc(3) memory allocation package is 
 the portable and comfortable  way  of allocating memory."

-- 
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ