Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jJQMVJVAVQOk1zS+jRLy641fwE0NKnAme2mGbm6Y1_xeA@mail.gmail.com>
Date: Fri, 3 Feb 2017 16:43:51 -0800
From: Kees Cook <keescook@...omium.org>
To: Bhupesh Sharma <bhsharma@...hat.com>
Cc: "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, Daniel Cashman <dcashman@...gle.com>, 
	Michael Ellerman <mpe@...erman.id.au>, Bhupesh SHARMA <bhupesh.linux@...il.com>, 
	Alexander Graf <agraf@...e.com>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, 
	Paul Mackerras <paulus@...ba.org>, Anatolij Gustschin <agust@...x.de>, 
	Alistair Popple <alistair@...ple.id.au>, Matt Porter <mporter@...nel.crashing.org>, 
	Vitaly Bordug <vitb@...nel.crashing.org>, Scott Wood <oss@...error.net>, 
	Kumar Gala <galak@...nel.crashing.org>, Daniel Cashman <dcashman@...roid.com>
Subject: Re: [PATCH v2 1/1] powerpc: mm: support ARCH_MMAP_RND_BITS

On Thu, Feb 2, 2017 at 9:11 PM, Bhupesh Sharma <bhsharma@...hat.com> wrote:
> powerpc: arch_mmap_rnd() uses hard-coded values, (23-PAGE_SHIFT) for
> 32-bit and (30-PAGE_SHIFT) for 64-bit, to generate the random offset
> for the mmap base address.
>
> This value represents a compromise between increased
> ASLR effectiveness and avoiding address-space fragmentation.
> Replace it with a Kconfig option, which is sensibly bounded, so that
> platform developers may choose where to place this compromise.
> Keep default values as new minimums.
>
> This patch makes sure that now powerpc mmap arch_mmap_rnd() approach
> is similar to other ARCHs like x86, arm64 and arm.
>
> Cc: Alexander Graf <agraf@...e.com>
> Cc: Benjamin Herrenschmidt <benh@...nel.crashing.org>
> Cc: Paul Mackerras <paulus@...ba.org>
> Cc: Michael Ellerman <mpe@...erman.id.au>
> Cc: Anatolij Gustschin <agust@...x.de>
> Cc: Alistair Popple <alistair@...ple.id.au>
> Cc: Matt Porter <mporter@...nel.crashing.org>
> Cc: Vitaly Bordug <vitb@...nel.crashing.org>
> Cc: Scott Wood <oss@...error.net>
> Cc: Kumar Gala <galak@...nel.crashing.org>
> Cc: Daniel Cashman <dcashman@...roid.com>
> Signed-off-by: Bhupesh Sharma <bhsharma@...hat.com>
> Reviewed-by: Kees Cook <keescook at chromium.org>

This " at " should be "@", but otherwise, yay v2! :)

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.