[PATCH 07/10] mm: expose arch_mmap_rnd when available
Stefan Bader
stefan.bader at canonical.com
Tue Nov 24 10:01:11 UTC 2015
On 24.11.2015 01:45, tim.gardner at canonical.com wrote:
> From: Kees Cook <keescook at chromium.org>
>
> BugLink: http://bugs.launchpad.net/bugs/1518483
>
> When an architecture fully supports randomizing the ELF load location,
> a per-arch mmap_rnd() function is used to find a randomized mmap base.
> In preparation for randomizing the location of ET_DYN binaries
> separately from mmap, this renames and exports these functions as
> arch_mmap_rnd(). Additionally introduces CONFIG_ARCH_HAS_ELF_RANDOMIZE
> for describing this feature on architectures that support it
> (which is a superset of ARCH_BINFMT_ELF_RANDOMIZE_PIE, since s390
> already supports a separated ET_DYN ASLR from mmap ASLR without the
> ARCH_BINFMT_ELF_RANDOMIZE_PIE logic).
>
> Signed-off-by: Kees Cook <keescook at chromium.org>
> Cc: Hector Marco-Gisbert <hecmargi at upv.es>
> Cc: Russell King <linux at arm.linux.org.uk>
> Reviewed-by: Ingo Molnar <mingo at kernel.org>
> Cc: Catalin Marinas <catalin.marinas at arm.com>
> Cc: Will Deacon <will.deacon at arm.com>
> Cc: Ralf Baechle <ralf at linux-mips.org>
> Cc: Benjamin Herrenschmidt <benh at kernel.crashing.org>
> Cc: Paul Mackerras <paulus at samba.org>
> Cc: Michael Ellerman <mpe at ellerman.id.au>
> Cc: Martin Schwidefsky <schwidefsky at de.ibm.com>
> Cc: Heiko Carstens <heiko.carstens at de.ibm.com>
> Cc: Alexander Viro <viro at zeniv.linux.org.uk>
> Cc: Oleg Nesterov <oleg at redhat.com>
> Cc: Andy Lutomirski <luto at amacapital.net>
> Cc: "David A. Long" <dave.long at linaro.org>
> Cc: Andrey Ryabinin <a.ryabinin at samsung.com>
> Cc: Arun Chandran <achandran at mvista.com>
> Cc: Yann Droneaud <ydroneaud at opteya.com>
> Cc: Min-Hua Chen <orca.chen at gmail.com>
> Cc: Paul Burton <paul.burton at imgtec.com>
> Cc: Alex Smith <alex at alex-smith.me.uk>
> Cc: Markos Chandras <markos.chandras at imgtec.com>
> Cc: Vineeth Vijayan <vvijayan at mvista.com>
> Cc: Jeff Bailey <jeffbailey at google.com>
> Cc: Michael Holzheu <holzheu at linux.vnet.ibm.com>
> Cc: Ben Hutchings <ben at decadent.org.uk>
> Cc: Behan Webster <behanw at converseincode.com>
> Cc: Ismael Ripoll <iripoll at upv.es>
> Cc: Jan-Simon Mller <dl9pf at gmx.de>
> Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
> Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
> (back ported from commit 2b68f6caeac271620cd2f9362aeaed360e317df0)
> Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
>
> Conflicts:
> arch/Kconfig
> ---
> arch/Kconfig | 11 +++++++++++
> arch/arm/Kconfig | 1 +
> arch/arm/mm/mmap.c | 4 ++--
> arch/arm64/Kconfig | 1 +
> arch/arm64/mm/mmap.c | 4 ++--
> arch/mips/Kconfig | 1 +
> arch/mips/mm/mmap.c | 4 ++--
> arch/powerpc/Kconfig | 1 +
> arch/powerpc/mm/mmap.c | 4 ++--
> arch/s390/Kconfig | 1 +
> arch/s390/mm/mmap.c | 8 ++++----
> arch/x86/Kconfig | 1 +
> arch/x86/mm/mmap.c | 4 ++--
> include/linux/elf-randomize.h | 10 ++++++++++
> 14 files changed, 41 insertions(+), 14 deletions(-)
> create mode 100644 include/linux/elf-randomize.h
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 05d7a8a..45a80db 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -484,6 +484,17 @@ config HAVE_IRQ_EXIT_ON_IRQ_STACK
> This spares a stack switch and improves cache usage on softirq
> processing.
>
> +config PGTABLE_LEVELS
> + int
> + default 2
> +
Why adding PGTABLE_LEVELS? Unlikely that it matters but it does not seem to be
necessary either...
> +config ARCH_HAS_ELF_RANDOMIZE
> + bool
> + help
> + An architecture supports choosing randomized locations for
> + stack, mmap, brk, and ET_DYN. Defined functions:
> + - arch_mmap_rnd()
> +
> #
> # ABI hall of shame
> #
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index a4c5248..b5f2ad0 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -3,6 +3,7 @@ config ARM
> default y
> select ARCH_BINFMT_ELF_RANDOMIZE_PIE
> select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> + select ARCH_HAS_ELF_RANDOMIZE
> select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
> select ARCH_HAVE_CUSTOM_GPIO_H
> select ARCH_HAS_GCOV_PROFILE_ALL
> diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c
> index 15a8160..407dc78 100644
> --- a/arch/arm/mm/mmap.c
> +++ b/arch/arm/mm/mmap.c
> @@ -169,7 +169,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0,
> return addr;
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
>
> @@ -184,7 +184,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> if (mmap_is_legacy()) {
> mm->mmap_base = TASK_UNMAPPED_BASE + random_factor;
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index a26ee9e..690f553 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -2,6 +2,7 @@ config ARM64
> def_bool y
> select ARCH_BINFMT_ELF_RANDOMIZE_PIE
> select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> + select ARCH_HAS_ELF_RANDOMIZE
> select ARCH_HAS_GCOV_PROFILE_ALL
> select ARCH_HAS_SG_CHAIN
> select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
> diff --git a/arch/arm64/mm/mmap.c b/arch/arm64/mm/mmap.c
> index ba776c0..ed17747 100644
> --- a/arch/arm64/mm/mmap.c
> +++ b/arch/arm64/mm/mmap.c
> @@ -47,7 +47,7 @@ static int mmap_is_legacy(void)
> return sysctl_legacy_va_layout;
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
>
> @@ -77,7 +77,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> /*
> * Fall back to the standard layout if the personality bit is set, or
> diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
> index 5a38e76..1f7b4f1 100644
> --- a/arch/mips/Kconfig
> +++ b/arch/mips/Kconfig
> @@ -24,6 +24,7 @@ config MIPS
> select HAVE_DEBUG_KMEMLEAK
> select HAVE_SYSCALL_TRACEPOINTS
> select ARCH_BINFMT_ELF_RANDOMIZE_PIE
> + select ARCH_HAS_ELF_RANDOMIZE
> select HAVE_ARCH_TRANSPARENT_HUGEPAGE if CPU_SUPPORTS_HUGEPAGES && 64BIT
> select RTC_LIB if !MACH_LOONGSON
> select GENERIC_ATOMIC64 if !64BIT
> diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c
> index 9a4f1f5..5c81fdd 100644
> --- a/arch/mips/mm/mmap.c
> +++ b/arch/mips/mm/mmap.c
> @@ -142,7 +142,7 @@ unsigned long arch_get_unmapped_area_topdown(struct file *filp,
> addr0, len, pgoff, flags, DOWN);
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
>
> @@ -161,7 +161,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> if (mmap_is_legacy()) {
> mm->mmap_base = TASK_UNMAPPED_BASE + random_factor;
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index 6ff43fd..132e6c5 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -89,6 +89,7 @@ config PPC
> select ARCH_MIGHT_HAVE_PC_SERIO
> select BINFMT_ELF
> select ARCH_BINFMT_ELF_RANDOMIZE_PIE
> + select ARCH_HAS_ELF_RANDOMIZE
> select OF
> select OF_EARLY_FLATTREE
> select OF_RESERVED_MEM
> diff --git a/arch/powerpc/mm/mmap.c b/arch/powerpc/mm/mmap.c
> index 1ad2299..0f0502e 100644
> --- a/arch/powerpc/mm/mmap.c
> +++ b/arch/powerpc/mm/mmap.c
> @@ -53,7 +53,7 @@ static inline int mmap_is_legacy(void)
> return sysctl_legacy_va_layout;
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
>
> @@ -87,7 +87,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> /*
> * Fall back to the standard layout if the personality
> diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
> index 68b68d7..d64fca0 100644
> --- a/arch/s390/Kconfig
> +++ b/arch/s390/Kconfig
> @@ -65,6 +65,7 @@ config S390
> def_bool y
> select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> select ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS
> + select ARCH_HAS_ELF_RANDOMIZE
> select ARCH_HAS_GCOV_PROFILE_ALL
> select ARCH_HAVE_NMI_SAFE_CMPXCHG
> select ARCH_INLINE_READ_LOCK
> diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c
> index d891d40..60943a4 100644
> --- a/arch/s390/mm/mmap.c
> +++ b/arch/s390/mm/mmap.c
> @@ -56,7 +56,7 @@ static inline int mmap_is_legacy(void)
> return sysctl_legacy_va_layout;
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> if (is_32bit_task())
> return (get_random_int() & 0x7ff) << PAGE_SHIFT;
> @@ -183,7 +183,7 @@ unsigned long randomize_et_dyn(void)
> base &= ~((1UL << 32) - 1);
>
> if (current->flags & PF_RANDOMIZE)
> - base += mmap_rnd();
> + base += arch_mmap_rnd();
>
> return base;
> }
> @@ -199,7 +199,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> /*
> * Fall back to the standard layout if the personality
> @@ -279,7 +279,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> /*
> * Fall back to the standard layout if the personality
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index c05d389..e8071d8 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -86,6 +86,7 @@ config X86
> select HAVE_ARCH_KMEMCHECK
> select HAVE_USER_RETURN_NOTIFIER
> select ARCH_BINFMT_ELF_RANDOMIZE_PIE
> + select ARCH_HAS_ELF_RANDOMIZE
> select HAVE_ARCH_JUMP_LABEL
> select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> select SPARSE_IRQ
> diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
> index 0d9f14a..844b06d 100644
> --- a/arch/x86/mm/mmap.c
> +++ b/arch/x86/mm/mmap.c
> @@ -65,7 +65,7 @@ static int mmap_is_legacy(void)
> return sysctl_legacy_va_layout;
> }
>
> -static unsigned long mmap_rnd(void)
> +unsigned long arch_mmap_rnd(void)
> {
> unsigned long rnd;
>
> @@ -114,7 +114,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
> unsigned long random_factor = 0UL;
>
> if (current->flags & PF_RANDOMIZE)
> - random_factor = mmap_rnd();
> + random_factor = arch_mmap_rnd();
>
> mm->mmap_legacy_base = mmap_legacy_base(random_factor);
>
> diff --git a/include/linux/elf-randomize.h b/include/linux/elf-randomize.h
> new file mode 100644
> index 0000000..7a4eda0
> --- /dev/null
> +++ b/include/linux/elf-randomize.h
> @@ -0,0 +1,10 @@
> +#ifndef _ELF_RANDOMIZE_H
> +#define _ELF_RANDOMIZE_H
> +
> +#ifndef CONFIG_ARCH_HAS_ELF_RANDOMIZE
> +static inline unsigned long arch_mmap_rnd(void) { return 0; }
> +#else
> +extern unsigned long arch_mmap_rnd(void);
> +#endif
> +
> +#endif
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20151124/eab7c2c8/attachment.sig>
More information about the kernel-team
mailing list