|
Message-ID: <20110907093411.GA4752@albatros> Date: Wed, 7 Sep 2011 13:34:11 +0400 From: Vasiliy Kulikov <segoon@...nwall.com> To: kernel-hardening@...ts.openwall.com Subject: Re: [RFC] x86, mm: start mmap allocation for libs from low addresses Solar, On Wed, Sep 07, 2011 at 13:30 +0400, Solar Designer wrote: > > +#ifdef CONFIG_VM86 > > +/* > > + * Don't touch any memory that can be addressed by vm86 apps. > > + * Reserve the first 1 MiB + 64 kb. > > + */ > > +#define ASCII_ARMOR_MIN_ADDR 0x00110000 > > +#else > > +/* No special users of low addresses. Start just after mmap_min_addr. */ > > +#define ASCII_ARMOR_MIN_ADDR 0 > > +#endif > > What if mmap_min_addr set really low, or is even 0? I think we want to > skip low addresses even if processes are permitted to use those. > (Permitted does not mean encouraged.) So how about ASCII_ARMOR_MIN_ADDR > 0x19000 (100 KB) when !CONFIG_VM86? Are you talking about safety with NULL pointer dereferencing? > > + /* We ALWAYS start from the beginning as base addresses > > + * with zero high bits is a valued resource */ > > s/valued/scarce and valuable/ > > > + * If kernel.randomize_va_space < 2, the executable is build as > > s/build/built/ Right, thank you! -- Vasiliy
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.