On Thu, Feb 26, 2015 at 4:11 PM, Kees Cook wrote:
> On Thu, Feb 26, 2015 at 4:06 PM, Andrew Morton
> wrote:
>> On Thu, 26 Feb 2015 15:37:37 -0800 Kees Cook wrote:
>>
>>> Agh, no, please let's avoid the CONFIG addition.
>>
>> That is precisely how we do this.
>>
>>> Hector mentioned in private ma
On Thu, 26 Feb 2015 15:34:36 -0800 Kees Cook wrote:
> >> That pointless repetition should be avoided.
> >
> > That's surprisingly hard!
> >
> > After renaming mips brk_rnd() to mmap_rnd() I had a shot. I'm not very
> > confident in the result. Does that __weak trick even work?
>
> In theory, i
On Thu, Feb 26, 2015 at 2:38 PM, Andrew Morton
wrote:
> On Tue, 24 Feb 2015 08:39:06 +0100 Ingo Molnar wrote:
>
>>
>> * Hector Marco Gisbert wrote:
>>
>> > +unsigned long randomize_et_dyn(unsigned long base)
>> > +{
>> > + unsigned long ret;
>> > + if ((current->personality & ADDR_NO_RANDOMI
Hi Andrew,
[Just resending to correct addresses - sorry for those who get a duplicate]
On Thu, 26 Feb 2015 14:38:15 -0800 Andrew Morton
wrote:
>
> diff -puN
> fs/binfmt_elf.c~fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix
> fs/binfmt_elf.c
> --- a/fs/binfmt_elf.c~fix-offset2lib-issue-f
On Thu, 26 Feb 2015 23:00:52 + Russell King - ARM Linux
wrote:
> On Thu, Feb 26, 2015 at 02:38:15PM -0800, Andrew Morton wrote:
> > diff -puN
> > arch/arm64/Kconfig~fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix
> > arch/arm64/Kconfig
> > ---
> > a/arch/arm64/Kconfig~fix-offset2lib
On Thu, 26 Feb 2015 14:38:15 -0800 Andrew Morton
wrote:
> Does that __weak trick even work?
Nope.
--- a/fs/binfmt_elf.c~fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix-fix
+++ a/fs/binfmt_elf.c
@@ -2307,10 +2307,10 @@ unsigned long __weak mmap_rnd(void)
}
/*
- * Not all architectures
On Thu, Feb 26, 2015 at 02:38:15PM -0800, Andrew Morton wrote:
> diff -puN
> arch/arm64/Kconfig~fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix
> arch/arm64/Kconfig
> --- a/arch/arm64/Kconfig~fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix
> +++ a/arch/arm64/Kconfig
> @@ -1,4 +1,4 @@
On 02/26/2015 02:38 PM, Andrew Morton wrote:
[...]
From: Andrew Morton
Subject: fix-offset2lib-issue-for-x86-arm-powerpc-and-mips-fix
Consolidate randomize_et_dyn() implementations into fs/binfmt_elf.c.
There doesn't seem to be a compile-time way of making randomize_et_dyn()
go away on archite
On Tue, 24 Feb 2015 08:39:06 +0100 Ingo Molnar wrote:
>
> * Hector Marco Gisbert wrote:
>
> > +unsigned long randomize_et_dyn(unsigned long base)
> > +{
> > + unsigned long ret;
> > + if ((current->personality & ADDR_NO_RANDOMIZE) ||
> > + !(current->flags & PF_RANDOMIZE))
> > +
* Hector Marco Gisbert wrote:
> +unsigned long randomize_et_dyn(unsigned long base)
> +{
> + unsigned long ret;
> + if ((current->personality & ADDR_NO_RANDOMIZE) ||
> + !(current->flags & PF_RANDOMIZE))
> + return base;
> + ret = base + mmap_rnd();
> + re
[PATCH] Fix offset2lib issue for x86*, ARM*, PowerPC and MIPS
The issue appears on PIE linked executables when all memory areas of a
process are randomized. In this case, the attack "offset2lib" de-randomizes
all library areas on 64 bit Linux systems in less than one second.
Further details of
(I've added some additional CCs to make sure the arch maintainers
notice this patch.)
This patch seems white-space damaged to me. I had to do a lot of
manual editing to get it to apply. Please use "git format-patch", if
you're not already. What version of the kernel was this based on?
On Mon, Feb