The patch titled
Subject: mm, fs: move randomize_stack_top from fs to mm
has been added to the -mm tree. Its filename is
mm-fs-move-randomize_stack_top-from-fs-to-mm.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/mm-fs-move-randomize_stack_top-from-fs-to-mm.patch
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/mm-fs-move-randomize_stack_top-from-fs-to-mm.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Alexandre Ghiti <alex@xxxxxxxx>
Subject: mm, fs: move randomize_stack_top from fs to mm
Patch series "Provide generic top-down mmap layout functions", v5.
This series introduces generic functions to make top-down mmap layout
easily accessible to architectures, in particular riscv which was the
initial goal of this series. The generic implementation was taken from
arm64 and used successively by arm, mips and finally riscv.
Note that in addition the series fixes 2 issues:
- stack randomization was taken into account even if not necessary.
- [1] fixed an issue with mmap base which did not take into account
randomization but did not report it to arm and mips, so by moving arm64
into a generic library, this problem is now fixed for both
architectures.
This work is an effort to factorize architecture functions to avoid code
duplication and oversights as in [1].
[1]: https://www.mail-archive.com/linux-kernel@xxxxxxxxxxxxxxx/msg1429066.html
This patch (of 14):
This preparatory commit moves this function so that further introduction
of generic topdown mmap layout is contained only in mm/util.c.
Link: http://lkml.kernel.org/r/20190730055113.23635-2-alex@xxxxxxxx
Signed-off-by: Alexandre Ghiti <alex@xxxxxxxx>
Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reviewed-by: Christoph Hellwig <hch@xxxxxx>
Reviewed-by: Luis Chamberlain <mcgrof@xxxxxxxxxx>
Cc: Russell King <linux@xxxxxxxxxxxxxxx>
Cc: Catalin Marinas <catalin.marinas@xxxxxxx>
Cc: Will Deacon <will.deacon@xxxxxxx>
Cc: Ralf Baechle <ralf@xxxxxxxxxxxxxx>
Cc: Paul Burton <paul.burton@xxxxxxxx>
Cc: James Hogan <jhogan@xxxxxxxxxx>
Cc: Palmer Dabbelt <palmer@xxxxxxxxxx>
Cc: Albert Ou <aou@xxxxxxxxxxxxxxxxx>
Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
fs/binfmt_elf.c | 20 --------------------
include/linux/mm.h | 2 ++
mm/util.c | 22 ++++++++++++++++++++++
3 files changed, 24 insertions(+), 20 deletions(-)
--- a/fs/binfmt_elf.c~mm-fs-move-randomize_stack_top-from-fs-to-mm
+++ a/fs/binfmt_elf.c
@@ -670,26 +670,6 @@ out:
* libraries. There is no binary dependent code anywhere else.
*/
-#ifndef STACK_RND_MASK
-#define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
-#endif
-
-static unsigned long randomize_stack_top(unsigned long stack_top)
-{
- unsigned long random_variable = 0;
-
- if (current->flags & PF_RANDOMIZE) {
- random_variable = get_random_long();
- random_variable &= STACK_RND_MASK;
- random_variable <<= PAGE_SHIFT;
- }
-#ifdef CONFIG_STACK_GROWSUP
- return PAGE_ALIGN(stack_top) + random_variable;
-#else
- return PAGE_ALIGN(stack_top) - random_variable;
-#endif
-}
-
static int load_elf_binary(struct linux_binprm *bprm)
{
struct file *interpreter = NULL; /* to shut gcc up */
--- a/include/linux/mm.h~mm-fs-move-randomize_stack_top-from-fs-to-mm
+++ a/include/linux/mm.h
@@ -2370,6 +2370,8 @@ extern int install_special_mapping(struc
unsigned long addr, unsigned long len,
unsigned long flags, struct page **pages);
+unsigned long randomize_stack_top(unsigned long stack_top);
+
extern unsigned long get_unmapped_area(struct file *, unsigned long, unsigned long, unsigned long, unsigned long);
extern unsigned long mmap_region(struct file *file, unsigned long addr,
--- a/mm/util.c~mm-fs-move-randomize_stack_top-from-fs-to-mm
+++ a/mm/util.c
@@ -16,6 +16,8 @@
#include <linux/hugetlb.h>
#include <linux/vmalloc.h>
#include <linux/userfaultfd_k.h>
+#include <linux/elf.h>
+#include <linux/random.h>
#include <linux/uaccess.h>
@@ -293,6 +295,26 @@ int vma_is_stack_for_current(struct vm_a
return (vma->vm_start <= KSTK_ESP(t) && vma->vm_end >= KSTK_ESP(t));
}
+#ifndef STACK_RND_MASK
+#define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
+#endif
+
+unsigned long randomize_stack_top(unsigned long stack_top)
+{
+ unsigned long random_variable = 0;
+
+ if (current->flags & PF_RANDOMIZE) {
+ random_variable = get_random_long();
+ random_variable &= STACK_RND_MASK;
+ random_variable <<= PAGE_SHIFT;
+ }
+#ifdef CONFIG_STACK_GROWSUP
+ return PAGE_ALIGN(stack_top) + random_variable;
+#else
+ return PAGE_ALIGN(stack_top) - random_variable;
+#endif
+}
+
#if defined(CONFIG_MMU) && !defined(HAVE_ARCH_PICK_MMAP_LAYOUT)
void arch_pick_mmap_layout(struct mm_struct *mm, struct rlimit *rlim_stack)
{
_
Patches currently in -mm which might be from alex@xxxxxxxx are
mm-fs-move-randomize_stack_top-from-fs-to-mm.patch
arm64-make-use-of-is_compat_task-instead-of-hardcoding-this-test.patch
arm64-consider-stack-randomization-for-mmap-base-only-when-necessary.patch
arm64-mm-move-generic-mmap-layout-functions-to-mm.patch
arm64-mm-make-randomization-selected-by-generic-topdown-mmap-layout.patch
arm-properly-account-for-stack-randomization-and-stack-guard-gap.patch
arm-use-stack_top-when-computing-mmap-base-address.patch
arm-use-generic-mmap-top-down-layout-and-brk-randomization.patch
mips-properly-account-for-stack-randomization-and-stack-guard-gap.patch
mips-use-stack_top-when-computing-mmap-base-address.patch
mips-adjust-brk-randomization-offset-to-fit-generic-version.patch
mips-replace-arch-specific-way-to-determine-32bit-task-with-generic-version.patch
mips-use-generic-mmap-top-down-layout-and-brk-randomization.patch
riscv-make-mmap-allocation-top-down-by-default.patch
