| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Based on commit 1091458d09e1a (mmap randomization)
For 32-bit address spaces randomize within a
16MB space, for 64-bit within a 256MB space.
Test Results:
------------
Without Patch (VDSO is not randomized)
---------------------------------------
root@Maleo:~# ./aslr vdso
FAIL: ASLR not functional (vdso always at 0x7fff7000)
root@Maleo:~# ./aslr rekey vdso
pre_val==cur_val
value=0x7fff7000
With patch:(VDSO is randmoized and doesn't interfere with stack)
----------------------------------------------------------------
root@cavium-octeon2:~# ./aslr rekey vdso
pre_val!=cur_val
previous_value=0x7f830ea2
current_value=0x776e2000
root@cavium-octeon2:~# ./aslr rekey vdso
pre_val!=cur_val
previous_value=0x7fb0cea2
current_value=0x77209000
root@cavium-octeon2:~# ./aslr rekey vdso
pre_val!=cur_val
previous_value=0x7f985ea2
current_value=0x7770c000
root@cavium-octeon2:~# ./aslr rekey vdso
pre_val!=cur_val
previous_value=0x7fbc6ea2
current_value=0x7fe25000
Maps file output:
-------------------------
root@cavium-octeon2:~# ./aslr rekey maps
78584000-785a5000 rwxp 00000000 00:00 0 [heap]
7f9d0000-7f9f1000 rw-p 00000000 00:00 0 [stack]
7ffa5000-7ffa6000 r-xp 00000000 00:00 0 [vdso]
root@cavium-octeon2:~# ./aslr rekey maps
77de0000-77e01000 rwxp 00000000 00:00 0 [heap]
7f91b000-7f93c000 rw-p 00000000 00:00 0 [stack]
7ff99000-7ff9a000 r-xp 00000000 00:00 0 [vdso]
root@cavium-octeon2:~# ./aslr rekey maps
77d7f000-77da0000 rwxp 00000000 00:00 0 [heap]
7fc2a000-7fc4b000 rw-p 00000000 00:00 0 [stack]
7fe09000-7fe0a000 r-xp 00000000 00:00 0 [vdso]
root@cavium-octeon2:~# ./aslr rekey maps
7794c000-7794d000 r-xp 00000000 00:00 0 [vdso]
77e4b000-77e6c000 rwxp 00000000 00:00 0 [heap]
7f6e7000-7f708000 rw-p 00000000 00:00 0 [stack]
root@cavium-octeon2:~#
Signed-off-by: Prem Karat <pkarat@mvista.com>
Cc: linux-mips@linux-mips.org
Cc: sergei.shtylyov@cogentembedded.com
Cc: ddaney.cavm@gmail.com
Patchwork: https://patchwork.linux-mips.org/patch/6812
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|
|
The motivation for this patchset was that I was looking at a way for a
qemu-kvm process, to exclude the guest memory from its core dump, which
can be quite large. There are already a number of filter flags in
/proc/<pid>/coredump_filter, however, these allow one to specify 'types'
of kernel memory, not specific address ranges (which is needed in this
case).
Since there are no more vma flags available, the first patch eliminates
the need for the 'VM_ALWAYSDUMP' flag. The flag is used internally by
the kernel to mark vdso and vsyscall pages. However, it is simple
enough to check if a vma covers a vdso or vsyscall page without the need
for this flag.
The second patch then replaces the 'VM_ALWAYSDUMP' flag with a new
'VM_NODUMP' flag, which can be set by userspace using new madvise flags:
'MADV_DONTDUMP', and unset via 'MADV_DODUMP'. The core dump filters
continue to work the same as before unless 'MADV_DONTDUMP' is set on the
region.
The qemu code which implements this features is at:
http://people.redhat.com/~jbaron/qemu-dump/qemu-dump.patch
In my testing the qemu core dump shrunk from 383MB -> 13MB with this
patch.
I also believe that the 'MADV_DONTDUMP' flag might be useful for
security sensitive apps, which might want to select which areas are
dumped.
This patch:
The VM_ALWAYSDUMP flag is currently used by the coredump code to
indicate that a vma is part of a vsyscall or vdso section. However, we
can determine if a vma is in one these sections by checking it against
the gate_vma and checking for a non-NULL return value from
arch_vma_name(). Thus, freeing a valuable vma bit.
Signed-off-by: Jason Baron <jbaron@redhat.com>
Acked-by: Roland McGrath <roland@hack.frob.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Avi Kivity <avi@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Quoting from Jiri Slaby's patch of a similar nature for x86:
When initrd is in use and a driver does request_module() in its
module_init (i.e. __initcall or device_initcall), a modprobe
process is created with VDSO mapping. But VDSO is inited even in
__initcall, i.e. on the same level (at the same time), so it may
not be inited yet (link order matters).
Move init_vdso up to subsys_initcall to avoid the issue.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
To: linux-mips@linux-mips.org
Cc: David Daney <ddaney@caviumnetworks.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Patchwork: http://patchwork.linux-mips.org/patch/1386/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|
|
In addition to being useless, it was mis-spelled.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
To: linux-mips@linux-mips.org
Cc: David Daney <ddaney@caviumnetworks.com>
Patchwork: http://patchwork.linux-mips.org/patch/1385/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|
|
This is a preliminary patch to add a vdso to all user processes. Still
missing are ELF headers and .eh_frame information. But it is enough to
allow us to move signal trampolines off of the stack. Note that emulation
of branch delay slots in the FPU emulator still requires the stack.
We allocate a single page (the vdso) and write all possible signal
trampolines into it. The stack is moved down by one page and the vdso is
mapped into this space.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
To: linux-mips@linux-mips.org
Patchwork: http://patchwork.linux-mips.org/patch/975/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|
