summaryrefslogtreecommitdiff
path: root/arch/powerpc/mm/mmap.c
diff options
context:
space:
mode:
authorMichael Ellerman <mpe@ellerman.id.au>2017-04-21 00:36:20 +1000
committerMichael Ellerman <mpe@ellerman.id.au>2017-04-21 22:57:55 +1000
commit9fea59bd7ca541e5d0851f0b6dbca83c60ea90cd (patch)
treebc93c2a5e88ec95d879ce5faee9c1eae2178c51f /arch/powerpc/mm/mmap.c
parentf855b2f544d664cfa3055edb7ffd20e9ae0e2dce (diff)
downloadlwn-9fea59bd7ca541e5d0851f0b6dbca83c60ea90cd.tar.gz
lwn-9fea59bd7ca541e5d0851f0b6dbca83c60ea90cd.zip
powerpc/mm: Add support for runtime configuration of ASLR limits
Add powerpc support for mmap_rnd_bits and mmap_rnd_compat_bits, which are two sysctls that allow a user to configure the number of bits of randomness used for ASLR. Because of the way the Kconfig for ARCH_MMAP_RND_BITS is defined, we have to construct at least the MIN value in Kconfig, vs in a header which would be more natural. Given that we just go ahead and do it all in Kconfig. At least according to the code (the documentation makes no mention of it), the value is defined as the number of bits of randomisation *of the page*, not the address. This makes some sense, with larger page sizes more of the low bits are forced to zero, which would reduce the randomisation if we didn't take the PAGE_SIZE into account. However it does mean the min/max values have to change depending on the PAGE_SIZE in order to actually limit the amount of address space consumed by the randomisation. The result of that is that we have to define the default values based on both 32-bit vs 64-bit, but also the configured PAGE_SIZE. Furthermore now that we have 128TB address space support on Book3S, we also have to take that into account. Finally we can wire up the value in arch_mmap_rnd(). Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Bhupesh Sharma <bhsharma@redhat.com> Tested-by: Bhupesh Sharma <bhsharma@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Diffstat (limited to 'arch/powerpc/mm/mmap.c')
-rw-r--r--arch/powerpc/mm/mmap.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/arch/powerpc/mm/mmap.c b/arch/powerpc/mm/mmap.c
index 82fc5762f971..005aa8a44915 100644
--- a/arch/powerpc/mm/mmap.c
+++ b/arch/powerpc/mm/mmap.c
@@ -59,13 +59,14 @@ static inline int mmap_is_legacy(void)
unsigned long arch_mmap_rnd(void)
{
- unsigned long rnd;
+ unsigned long shift, rnd;
- /* 8MB for 32bit, 1GB for 64bit */
+ shift = mmap_rnd_bits;
+#ifdef CONFIG_COMPAT
if (is_32bit_task())
- rnd = get_random_long() % (1<<(23-PAGE_SHIFT));
- else
- rnd = get_random_long() % (1UL<<(30-PAGE_SHIFT));
+ shift = mmap_rnd_compat_bits;
+#endif
+ rnd = get_random_long() % (1 << shift);
return rnd << PAGE_SHIFT;
}