> On 2 Mar 2018, at 23:48, Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > Ah, I didn't mean that. I was thinking that we can change the > implementation to reserve 1-N pages after the end of the mapping. > So you can't map anything else in there, and any load/store into that > region will segfault. > I’m afraid it still will allow many attacks. The formula for new address would be like: address_next = address_prev - mmap_size - random(N) as you suggested. To prevent brute-force attacks N should be big enough like more 2^32 for example. This number 2^32 is just an example and right now I don’t know the exact value. What I’m trying to say that address computation formula has dependency on concrete predictable address. In my scheme even address_prev was chose randomly. Best regards, Ilya -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href
