Re: [PATCH] mm/vmalloc: randomize vmalloc() allocations

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3.12.2020 8.58, Mike Rapoport wrote:
On Wed, Dec 02, 2020 at 08:49:06PM +0200, Topi Miettinen wrote:
On 1.12.2020 23.45, Topi Miettinen wrote:
Memory mappings inside kernel allocated with vmalloc() are in
predictable order and packed tightly toward the low addresses. With
new kernel boot parameter 'randomize_vmalloc=1', the entire area is
used randomly to make the allocations less predictable and harder to
guess for attackers.


This also seems to randomize module addresses. I was going to check that
next, so nice surprise!

Heh, that's because module_alloc() uses vmalloc() in that way or another :)

The modules are still allocated from their small (1.5GB) separate area instead of the much larger (32TB/12.5PB) vmalloc area, which would greatly improve ASLR for the modules. To fix that, I tried to to #define MODULES_VADDR to VMALLOC_START etc. like x86_32 does, but then kernel dies very early without even any output.

-Topi




[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux