Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 09 Jul 2024 07:52:42 +0200
From: Florian Weimer <fweimer@...hat.com>
To: "David A. Wheeler" <dwheeler@...eeler.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: ASLRn't is still alive and well on x86 kernels,
 despite CVE-2024-26621 patch

* David A. Wheeler:
>> The kernel should not apply hugepage optimizations to mappings created
>> with MAP_DENYWRITE.
>
> Shouldn't that be MAP_EXECUTABLE, not MAP_DENYWRITE?
> If you use MAP_DENYWRITE,
> a program that mmaps in a large non-code dataset won't have hugepage
> optimizations applied, which might be a significant performance regression.

It's just a bit that happens to be set by the glibc dynamic linker and
not much else.  The name doesn't matter at this point.

> Also, the mmap man page:
> https://man7.org/linux/man-pages/man2/mmap.2.html says that
> MAP_EXECUTABLE and MAP_DENYWRITE are ignored.  There's a risk that
> some programs are taking that to heart & not using those flags even
> when they should. If one of those flags *will* have an effect now,
> then it'd be a good idea to document that :-).

The effect of the flag is to get back the old behavior. 8-)  It only
makes backwards compatibility better.

Thanks,
Florian

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.