On 12/07/2015 03:13 AM, Arnd Bergmann wrote:
> On Monday 07 December 2015 10:26:16 Jon Hunter wrote:
>>
>> diff --git a/arch/arm64/mm/mmap.c b/arch/arm64/mm/mmap.c
>> index af461b935137..e59a75a308bc 100644
>> --- a/arch/arm64/mm/mmap.c
>> +++ b/arch/arm64/mm/mmap.c
>> @@ -51,7 +51,7 @@ unsigned lo
From: dcashman
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the locati
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 10 ++
arch/arm/mm/mmap.c | 3 +--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29
arch/Kconfig| 64
that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 23 +++
arch/arm64/mm/mmap.c | 6 --
2 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/arch/arm64
, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 10 ++
arch/arm/mm/mmap.c | 3 +--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b
, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions
that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 23 +++
arch/arm64/mm/mmap.c | 6 --
2 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/arch/arm64
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29
arch/Kconfig| 64
From: dcashman
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the locati
> I think the min/max values should be const, since they're determined
> at build time and should never change.
Ok. Also, I just submitted the patch-set again with [PATCH v3] instead
of [PATCH] so I'd prefer discussion there; sorry for the mistake.
-Dan
--
To unsubscribe from this list: send the
On 11/18/2015 03:20 PM, Daniel Cashman wrote:
> ==
>
> +mmap_rnd_bits:
> +
> +This value can be used to select the number of bits to use to
> +determine the random offset to the base address of vma regions
>
On 11/18/2015 03:20 PM, Daniel Cashman wrote:
> - /*
> - * 8 bits of randomness in 32bit mmaps, 20 address space bits
> - * 28 bits of randomness in 64bit mmaps, 40 address space bits
> - */
This should be removed.
--
To unsubscribe from this list: send the line
Thank you for this. I will add this to the recently posted patchset
v4. Without CONFIG_MMU, arch_pick_mmap_layout() is a no-op and the
arch/$ARCH/mm/mmap.c source is not included, so this change makes
sense. In addition, we should drop the nommu default and add
depends-on for the Kconfig portio
;> on the various CONFIG options that calculate the valid min/maxes. Only
>> mmap_rnd_bits itself should be changing.
>
> hmpf.
>
> From: Andrew Morton
> Subject: include/linux/sysctl.h: make ctl_table.extra1/2 const
>
> Nothing should be altering these values. Decl
On 11/30/2015 04:03 PM, Kees Cook wrote:
> On Thu, Nov 26, 2015 at 2:59 PM, Daniel Cashman wrote:
>> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
>> index 844b06d..647fecf 100644
>> --- a/arch/x86/mm/mmap.c
>> +++ b/arch/x86/mm/mmap.c
>> @@ -69,14 +69,
that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 31 +++
arch/arm64/mm/mmap.c | 8 ++--
2 files changed, 37 insertions(+), 2 deletions(-)
diff --git a
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29 +++
arch/Kconfig| 68
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 9 +
arch/arm/mm/mmap.c | 3 +--
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b/arch
, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the location of regions in
On 12/3/15 4:17 AM, Will Deacon wrote:
>> +select HAVE_ARCH_MMAP_RND_BITS if MMU
>> +select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
>
> You can drop the 'if MMU' bits, since we don't support !MMU on arm64.
Ok, will do. I was a little uneasy leaving it implicit, but even if
somethi
On 12/14/2015 03:19 AM, Will Deacon wrote:
>> +# max bits determined by the following formula:
>> +# VA_BITS - PAGE_SHIFT - 3
>
> Now that we have this comment, I think we can drop the unsupported
> combinations from the list below. That means we just end up with:
>
>> +config ARCH_MMAP_RND_BITS
On 12/14/2015 10:58 AM, H. Peter Anvin wrote:
> On 12/11/15 09:52, Daniel Cashman wrote:
>> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
>> index 844b06d..647fecf 100644
>> --- a/arch/x86/mm/mmap.c
>> +++ b/arch/x86/mm/mmap.c
>> @@ -69,14 +69,14 @@
On 11/24/2015 04:39 PM, Andrew Morton wrote:
> mips, powerpc and s390 also implement arch_mmap_rnd(). Are there any
> special considerations here, or it just a matter of maintainers wiring
> it up and testing it?
I had not yet looked at those at all, as I had no way to do even a
rudimentary "doe
On 11/24/2015 04:47 PM, Kees Cook wrote:
> On Tue, Nov 24, 2015 at 4:40 PM, Andrew Morton
> wrote:
>> On Wed, 18 Nov 2015 15:20:05 -0800 Daniel Cashman
>> wrote:
>>
>>> --- a/kernel/sysctl.c
>>> +++ b/kernel/sysctl.c
>>> @@ -
On 11/24/2015 08:26 PM, Michael Ellerman wrote:
> On Mon, 2015-11-23 at 10:55 -0800, Daniel Cashman wrote:
>> On 11/23/2015 07:04 AM, Will Deacon wrote:
>>> On Wed, Nov 18, 2015 at 03:20:07PM -0800, Daniel Cashman wrote:
>>>> +config ARCH_MMAP_RND_BITS_
On 11/24/2015 08:40 PM, Michael Ellerman wrote:
> On Wed, 2015-11-18 at 15:20 -0800, Daniel Cashman wrote:
>
>> From: dcashman
>>
>> ASLR currently only uses 8 bits to generate the random offset for the
>> mmap base address on 32 bit architectures. This value was
On 11/25/2015 04:06 AM, Catalin Marinas wrote:
> On Mon, Nov 23, 2015 at 10:55:16AM -0800, Daniel Cashman wrote:
>> On 11/23/2015 07:04 AM, Will Deacon wrote:
>>> On Wed, Nov 18, 2015 at 03:20:07PM -0800, Daniel Cashman wrote:
>>>> +config ARCH_MMAP_RND_BITS_
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the location of regions in
sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions(-)
diff --git a
developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 10 ++
arch/arm/mm/mmap.c | 3 +--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29 +++
arch/Kconfig| 68
developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 31 +++
arch/arm64/mm/mmap.c | 8 ++--
2 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/Kconfig
On 11/26/15 2:59 PM, Daniel Cashman wrote:
> Address Space Layout Randomization (ASLR) provides a barrier to exploitation
> of user-space processes in the presence of security vulnerabilities by making
> it more difficult to find desired code/data which could help an attack. This
>
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/kernel.txt | 14 ++
include/linux/mm.h | 6 ++
kernel
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 24
arch/arm/mm/mmap.c | 7 +--
2 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/arch
On 10/28/2015 08:41 PM, Eric W. Biederman wrote:
> Dan Cashman writes:
>
This all would be much cleaner if the arm architecture code were just to
register the sysctl itself.
As it sits this looks like a patchset that does not meaninfully bisect,
and would result in code t
On 02/04/2016 02:29 PM, Kees Cook wrote:
> On Thu, Feb 4, 2016 at 2:06 PM, Daniel Cashman wrote:
>> Upstream commit: d07e22597d1d355829b7b18ac19afa912cf758d1 added the
>> ability to choose from a range of values to use for entropy count in
>> generating the random offset to
On 11/04/2015 10:30 AM, Daniel Cashman wrote:
> On 11/3/15 3:21 PM, Kees Cook wrote:
>> On Tue, Nov 3, 2015 at 3:14 PM, Daniel Cashman wrote:
>>> On 11/03/2015 11:19 AM, Kees Cook wrote:
>>>> Do you have patches for x86 and arm64?
>>>
>>> I was h
On 11/23/2015 07:04 AM, Will Deacon wrote:
> On Wed, Nov 18, 2015 at 03:20:07PM -0800, Daniel Cashman wrote:
>> +config ARCH_MMAP_RND_BITS_MAX
>> + default 20 if ARM64_64K_PAGES && ARCH_VA_BITS=39
>> + default 24 if ARCH_VA_BITS=39
>> +
On 11/08/2015 07:47 PM, Michael Ellerman wrote:
> On Fri, 2015-11-06 at 12:52 -0800, Kees Cook wrote:
>> On Thu, Nov 5, 2015 at 10:44 AM, Daniel Cashman wrote:
>>> On 11/04/2015 10:30 AM, Daniel Cashman wrote:
>>>> On 11/3/15 3:21 PM, Kees Cook wrote:
>>>&g
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Changes in v2:
- Added HAVE_ARCH_MMAP_RND_BITS as Kconfig boolean selector.
- Moved
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
Changes in v2:
- Changed arch/arm/Kconfig and arch/arm/mm/mmap.c to reflect changes
in [PATCH v2 1/2], specifically the movement of variables to
On 11/01/2015 01:50 PM, Eric W. Biederman wrote:
> Daniel Cashman writes:
>
>> On 10/28/2015 08:41 PM, Eric W. Biederman wrote:
>>> Dan Cashman writes:
>>>
>>>>>> This all would be much cleaner if the arm architecture code were just to
>>>
On 11/03/2015 11:19 AM, Kees Cook wrote:
> Do you have patches for x86 and arm64?
I was holding off on those until I could gauge upstream reception. If
desired, I could put those together and add them as [PATCH 3/4] and
[PATCH 4/4].
Thank You,
Dan
--
To unsubscribe from this list: send the line
On 11/3/15 3:18 PM, Kees Cook wrote:
> On Tue, Nov 3, 2015 at 2:39 PM, Russell King - ARM Linux
> wrote:
>> On Tue, Nov 03, 2015 at 11:19:44AM -0800, Kees Cook wrote:
>>> On Tue, Nov 3, 2015 at 10:10 AM, Daniel Cashman
>>> wrote:
>>>> From: dcashman
On 11/3/15 3:21 PM, Kees Cook wrote:
> On Tue, Nov 3, 2015 at 3:14 PM, Daniel Cashman wrote:
>> On 11/03/2015 11:19 AM, Kees Cook wrote:
>>> Do you have patches for x86 and arm64?
>>
>> I was holding off on those until I could gauge upstream reception. If
>>
On 11/3/15 5:31 PM, Andrew Morton wrote:
> On Tue, 03 Nov 2015 18:40:31 -0600 ebied...@xmission.com (Eric W. Biederman)
> wrote:
>
>> Andrew Morton writes:
>>
>>> On Tue, 3 Nov 2015 10:10:03 -0800 Daniel Cashman
>>> wrote:
>>>
>>>
On 11/4/15 11:21 AM, Eric W. Biederman wrote:
> Michal Hocko writes:
>
>> On Tue 03-11-15 10:10:03, Daniel Cashman wrote:
>> [...]
>>> +This value can be changed after boot using the
>>> +/proc/sys/kernel/mmap_rnd_bits tunable
>>
>> Why is this no
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the location of regions in
, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29 +++
arch/Kconfig| 68
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 9 +
arch/arm/mm/mmap.c | 3 +--
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b/arch
that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 33 +
arch/arm64/mm/mmap.c | 8 ++--
2 files changed, 39 insertions(+), 2 deletions(-)
diff --git a
Address Space Layout Randomization (ASLR) provides a barrier to exploitation of
user-space processes in the presence of security vulnerabilities by making it
more difficult to find desired code/data which could help an attack. This is
done by adding a random offset to the location of regions in
that platform developers may choose where to
place this compromise. Keep default values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/arm64/Kconfig | 29 +
arch/arm64/mm/mmap.c | 8 ++--
2 files changed, 35 insertions(+), 2 deletions(-)
diff --git a
, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.
Signed-off-by: Daniel Cashman
---
arch/x86/Kconfig | 16
arch/x86/mm/mmap.c | 12 ++--
2 files changed, 22 insertions(+), 6 deletions
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman
---
Documentation/sysctl/vm.txt | 29 +++
arch/Kconfig| 68
, so that platform developers may choose where to
place this compromise. Keep 8 as the minimum acceptable value.
Signed-off-by: Daniel Cashman
---
arch/arm/Kconfig | 9 +
arch/arm/mm/mmap.c | 3 +--
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/arch/arm/Kconfig b/arch
Replace calls to get_random_int() followed by a cast to (unsigned long)
with calls to get_random_long(). Also address shifting bug which, in
case of x86 removed entropy mask for mmap_rnd_bits values > 31 bits.
Signed-off-by: Daniel Cashman
---
arch/arm/mm/mmap.c | 2 +-
a
-op and effectively disables mmap_base
randomization.
Finally, replace calls to get_random_int() with get_random_long() where
appropriate.
Daniel Cashman (2):
drivers: char: random: Add get_random_long().
use get_random_long().
arch/arm/mm/mmap.c | 2 +-
arch/arm64/mm/mmap.c
Signed-off-by: Daniel Cashman
---
drivers/char/random.c | 22 ++
include/linux/random.h | 1 +
2 files changed, 23 insertions(+)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index d0da5d8..b583e53 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
From: Dan Cashman
Remove two ' , ' issues and change spaces to tabs found by poking around in
drivers/staging/. Warnings left untouched.
Test: Run checkpatch script in drivers/staging/media/atomisp/i2c before and
after change. Errors go from 3 to 0.
Signed-off-by: Dan Cashman
---
drivers/sta
From: Dan Cashman
Signed-off-by: Dan Cashman
---
drivers/staging/media/atomisp/i2c/ap1302.c | 4 ++--
drivers/staging/media/atomisp/i2c/gc0310.c | 2 +-
drivers/staging/media/atomisp/i2c/gc2235.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/media/atomis
My apologies; I did not review the TODO. Consider this withdrawn.
Dan
On 03/29/2017 10:30 AM, Alan Cox wrote:
> On Wed, 2017-03-29 at 09:57 -0700, Daniel Cashman wrote:
>> From: Dan Cashman
>>
>> Signed-off-by: Dan Cashman
>
>
> As the TODO asks - please no
From: Dan Cashman
Address errors and warning found in rf.c by checkpatch kernel style script.
Specifically, change spaces to tabs, split function arguments across a new
line to avoid 80 character limit, and remove use of embedded function name
in a dev_dbg() call.
Signed-off-by: Daniel Cashman
From: Dan Cashman
Address checkpatch errors encountered in rf.c by removing use of spaces
and replacing with properly aligned tabs.
Signed-off-by: Daniel Cashman
---
drivers/staging/vt6656/rf.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/staging
ion name in a debug statement and an
exceeded 80-char line, respectively.
Signed-off-by: Daniel Cashman
Dan Cashman (3):
staging: vt6656: convert spaces to tabs for rf.c
staging: vt6656: Replace embedded function name with __func__ in rf.c
staging: vt6656: Split arguments to avoid 80-c
From: Dan Cashman
Wrap arguments of call to vnt_control_out() to avoid exceeding 80
character limit, but maintain alignment.
Signed-off-by: Daniel Cashman
---
drivers/staging/vt6656/rf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/vt6656/rf.c b
From: Dan Cashman
Change embedded function name in vnt_rf_set_txpower with %s format with
__func__ argument to make it consistent with other part of if-else and
kernel coding style standards as reported by checkpatch.
Signed-off-by: Daniel Cashman
---
drivers/staging/vt6656/rf.c | 2 +-
1
72 matches
Mail list logo
