|
Date: Sat, 3 Mar 2018 18:13:28 +0300 From: Ilya Smith <blackzert@...il.com> To: Matthew Wilcox <willy@...radead.org> Cc: Kees Cook <keescook@...omium.org>, Andrew Morton <akpm@...ux-foundation.org>, Dan Williams <dan.j.williams@...el.com>, Michal Hocko <mhocko@...e.com>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Jan Kara <jack@...e.cz>, Jerome Glisse <jglisse@...hat.com>, Hugh Dickins <hughd@...gle.com>, Helge Deller <deller@....de>, Andrea Arcangeli <aarcange@...hat.com>, Oleg Nesterov <oleg@...hat.com>, Linux-MM <linux-mm@...ck.org>, LKML <linux-kernel@...r.kernel.org>, Kernel Hardening <kernel-hardening@...ts.openwall.com> Subject: Re: [RFC PATCH] Randomization of address chosen by mmap. > On 2 Mar 2018, at 23:48, Matthew Wilcox <willy@...radead.org> wrote: > Ah, I didn't mean that. I was thinking that we can change the > implementation to reserve 1-N pages after the end of the mapping. > So you can't map anything else in there, and any load/store into that > region will segfault. > I’m afraid it still will allow many attacks. The formula for new address would be like: address_next = address_prev - mmap_size - random(N) as you suggested. To prevent brute-force attacks N should be big enough like more 2^32 for example. This number 2^32 is just an example and right now I don’t know the exact value. What I’m trying to say that address computation formula has dependency on concrete predictable address. In my scheme even address_prev was chose randomly. Best regards, Ilya
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.