On Thu, Feb 2, 2017 at 9:11 PM, Bhupesh Sharma <bhsha...@redhat.com> wrote: > powerpc: arch_mmap_rnd() uses hard-coded values, (23-PAGE_SHIFT) for > 32-bit and (30-PAGE_SHIFT) for 64-bit, to generate the random offset > for the mmap base address. > > This value represents a compromise between increased > ASLR effectiveness and avoiding address-space fragmentation. > Replace it with a Kconfig option, which is sensibly bounded, so that > platform developers may choose where to place this compromise. > Keep default values as new minimums. > > This patch makes sure that now powerpc mmap arch_mmap_rnd() approach > is similar to other ARCHs like x86, arm64 and arm. > > Cc: Alexander Graf <ag...@suse.com> > Cc: Benjamin Herrenschmidt <b...@kernel.crashing.org> > Cc: Paul Mackerras <pau...@samba.org> > Cc: Michael Ellerman <m...@ellerman.id.au> > Cc: Anatolij Gustschin <ag...@denx.de> > Cc: Alistair Popple <alist...@popple.id.au> > Cc: Matt Porter <mpor...@kernel.crashing.org> > Cc: Vitaly Bordug <v...@kernel.crashing.org> > Cc: Scott Wood <o...@buserror.net> > Cc: Kumar Gala <ga...@kernel.crashing.org> > Cc: Daniel Cashman <dcash...@android.com> > Signed-off-by: Bhupesh Sharma <bhsha...@redhat.com> > Reviewed-by: Kees Cook <keescook at chromium.org>
This " at " should be "@", but otherwise, yay v2! :) -Kees -- Kees Cook Pixel Security
