lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z2SXUhRog7Bak5F_@fedora>
Date: Thu, 19 Dec 2024 16:59:46 -0500
From: Audra Mitchell <audra@...hat.com>
To: Matthew Wilcox <willy@...radead.org>
Cc: linux-mm@...ck.org, raquini@...hat.com, aris@...hat.com,
	akpm@...ux-foundation.org, william.kucharski@...cle.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm: Stop PMD alignment for PIE shared objects

On Thu, Dec 19, 2024 at 09:30:58PM +0000, Matthew Wilcox wrote:
> On Thu, Dec 19, 2024 at 04:15:52PM -0500, Audra Mitchell wrote:
> > After commit 1854bc6e2420 ("mm/readahead: Align file mappings for non-DAX")
> > any request through thp_get_unmapped_area would align to a PMD_SIZE,
> > causing shared objects to have less randomization than previously (9 less
> > bits for 2MB PMDs). As these lower 9 bits are the most impactful for
> > ASLR, this change could be argued to have an impact on security.
> 
> Yes, very tiresome people have been making that argument for a long
> time.  Do you have anything further to add to the discussion that
> happened here:
> 
> https://lore.kernel.org/linux-mm/20240118133504.2910955-1-shy828301@gmail.com/
> 
> particularly in light of 3afb76a66b55 existing.

Hey all,

Happy Holidays! I was not aware of this discussion, so thank you for bringing
it to my attention. I've read over it and I'll take a closer look after the
holidays. 

Respectfully, I'm trying to understand your view of this problem given your
feedback - can you clarify for me what you mean by "particularly in light 
of" regarding 3afb76a66b55... it looks to me like this was reverted with 
14d7c92f8df9 and there does appear to be some room for improvement for this
topic based on linus' commit message there.

I did play around with the idea of checking to see if kaslr was enabled and
only doing the return in that case, as users then could opt-in to the
solution or not.. 

Thanks in advance for your insight!

 
> > Fix this issue by checking that the request is aligned to the PMD_SIZE,
> > otherwise fall back to mm_get_unmapped_area_vmflags().
> 
> NAK this version anyway.  Even if the executable is, say, 2.1MB in size,
> we still want the first 2MB of the file to be covered with a PMD
> mapping.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ