On Sun, May 26, 2019 at 09:47:43AM -0400, Alexandre Ghiti wrote: > This commit simply bumps up to 32MB and 1GB the random offset > of brk, compared to 8MB and 256MB, for 32bit and 64bit respectively. > > Suggested-by: Kees Cook <keesc...@chromium.org> > Signed-off-by: Alexandre Ghiti <a...@ghiti.fr>
Reviewed-by: Kees Cook <keesc...@chromium.org> -Kees > --- > arch/mips/mm/mmap.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c > index ffbe69f3a7d9..c052565b76fb 100644 > --- a/arch/mips/mm/mmap.c > +++ b/arch/mips/mm/mmap.c > @@ -16,6 +16,7 @@ > #include <linux/random.h> > #include <linux/sched/signal.h> > #include <linux/sched/mm.h> > +#include <linux/sizes.h> > > unsigned long shm_align_mask = PAGE_SIZE - 1; /* Sane caches */ > EXPORT_SYMBOL(shm_align_mask); > @@ -189,11 +190,11 @@ static inline unsigned long brk_rnd(void) > unsigned long rnd = get_random_long(); > > rnd = rnd << PAGE_SHIFT; > - /* 8MB for 32bit, 256MB for 64bit */ > + /* 32MB for 32bit, 1GB for 64bit */ > if (TASK_IS_32BIT_ADDR) > - rnd = rnd & 0x7ffffful; > + rnd = rnd & SZ_32M; > else > - rnd = rnd & 0xffffffful; > + rnd = rnd & SZ_1G; > > return rnd; > } > -- > 2.20.1 > -- Kees Cook
