The current implementation doesn't randomize the address returned by mmap.
All the entropy ends with choosing mmap_base_addr at process
creation. After that, mmap builds a very predictable layout of the address
space. It allows bypassing ASLR in many cases. This patch makes
randomization of address on any mmap
Signed-off-by: Ilya Smith
---
include/linux/mm.h | 16 --
mm/mmap.c | 164 +
2 files changed, 175 insertions(+), 5 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index ad06d42..c716257 100644
--- a/include/linux
Signed-off-by: Ilya Smith
---
arch/alpha/kernel/osf_sys.c | 1 +
arch/arc/mm/mmap.c | 1 +
arch/arm/mm/mmap.c | 2 ++
arch/frv/mm/elf-fdpic.c | 1 +
arch/ia64/kernel/sys_ia64.c | 1 +
arch/ia64/mm/hugetlbpage.c | 1 +
arch/met
On Thu, 22 Mar 2018 19:36:37 +0300 Ilya Smith wrote:
> include/linux/mm.h | 16 --
> mm/mmap.c | 164
> +
You'll be wanting to update the documentation.
Documentation/sysctl/kernel.txt and
Documentation/admin-guide/kernel-parame
Please add changelogs. An explanation of what a "limit on memory
region random shift" is would be nice ;) Why does it exist, why are we
doing this, etc. Surely there's something to be said - at present this
is just a lump of random code?
On Thu, 22 Mar 2018 19:36:36 +0300 Ilya Smith wrote:
> The current implementation doesn't randomize the address returned by mmap.
> All the entropy ends with choosing mmap_base_addr at process
> creation. After that, mmap builds a very predictable layout of the address
> space. It allows bypassing ASLR in ma