lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160809040142.GA11449@nazgul.tnic>
Date:	Tue, 9 Aug 2016 06:01:42 +0200
From:	Borislav Petkov <bp@...e.de>
To:	Thomas Garnier <thgarnie@...gle.com>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H . Peter Anvin" <hpa@...or.com>, Joerg Roedel <jroedel@...e.de>,
	Dave Young <dyoung@...hat.com>,
	"Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
	Lv Zheng <lv.zheng@...el.com>, Baoquan He <bhe@...hat.com>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Mark Salter <msalter@...hat.com>,
	Aleksey Makarov <aleksey.makarov@...aro.org>,
	Kees Cook <keescook@...omium.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Christian Borntraeger <borntraeger@...ibm.com>,
	Fabian Frederick <fabf@...net.be>,
	Toshi Kani <toshi.kani@...com>,
	Dan Williams <dan.j.williams@...el.com>, x86@...nel.org,
	linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH v1 2/2] x86/KASLR: Increase BRK pages for KASLR memory
 randomization

On Mon, Aug 08, 2016 at 11:40:07AM -0700, Thomas Garnier wrote:
> Default implementation expects 6 pages maximum are needed for low page
> allocations. If KASLR memory randomization is enabled, the worse case
> of e820 layout would require 12 pages (no large pages). It is due to the
> PUD level randomization and the variable e820 memory layout.

Can't this number of required pages be computed based on the
randomization offset or somesuch instead of maxing it out by default on
every machine which enables CONFIG_RANDOMIZE_MEMORY?

> This bug was found while doing extensive testing of KASLR memory
> randomization on different type of hardware.
> 
> Signed-off-by: Thomas Garnier <thgarnie@...gle.com>
> ---
> Based on next-20160805
> ---
>  arch/x86/mm/init.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c
> index 6209289..3a27e6a 100644
> --- a/arch/x86/mm/init.c
> +++ b/arch/x86/mm/init.c
> @@ -130,6 +130,14 @@ void  __init early_alloc_pgt_buf(void)
>  	unsigned long tables = INIT_PGT_BUF_SIZE;
>  	phys_addr_t base;
>  
> +	/*
> +	 * Depending on the machine e860 memory layout and the PUD alignement.

				    e820			   alignment

> +	 * We may need twice more pages when KASLR memoy randomization is

						  memory

> +	 * enabled.
> +	 */
> +	if (IS_ENABLED(CONFIG_RANDOMIZE_MEMORY))
> +		tables *= 2;
> +
>  	base = __pa(extend_brk(tables, PAGE_SIZE));
>  
>  	pgt_buf_start = base >> PAGE_SHIFT;
> -- 
> 2.8.0.rc3.226.g39d4020
> 

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ