Commit 5ef11c35 authored by Daniel Cashman's avatar Daniel Cashman Committed by Linus Torvalds

mm: ASLR: use get_random_long()

Replace calls to get_random_int() followed by a cast to (unsigned long)
with calls to get_random_long().  Also address shifting bug which, in
case of x86 removed entropy mask for mmap_rnd_bits values > 31 bits.
Signed-off-by: default avatarDaniel Cashman <dcashman@android.com>
Acked-by: default avatarKees Cook <keescook@chromium.org>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: David S. Miller <davem@davemloft.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Nick Kralevich <nnk@google.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Mark Salyzyn <salyzyn@android.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent ec9ee4ac
...@@ -173,7 +173,7 @@ unsigned long arch_mmap_rnd(void) ...@@ -173,7 +173,7 @@ unsigned long arch_mmap_rnd(void)
{ {
unsigned long rnd; unsigned long rnd;
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1);
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
......
...@@ -53,10 +53,10 @@ unsigned long arch_mmap_rnd(void) ...@@ -53,10 +53,10 @@ unsigned long arch_mmap_rnd(void)
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
if (test_thread_flag(TIF_32BIT)) if (test_thread_flag(TIF_32BIT))
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_compat_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_compat_bits) - 1);
else else
#endif #endif
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1);
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
......
...@@ -146,7 +146,7 @@ unsigned long arch_mmap_rnd(void) ...@@ -146,7 +146,7 @@ unsigned long arch_mmap_rnd(void)
{ {
unsigned long rnd; unsigned long rnd;
rnd = (unsigned long)get_random_int(); rnd = get_random_long();
rnd <<= PAGE_SHIFT; rnd <<= PAGE_SHIFT;
if (TASK_IS_32BIT_ADDR) if (TASK_IS_32BIT_ADDR)
rnd &= 0xfffffful; rnd &= 0xfffffful;
...@@ -174,7 +174,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm) ...@@ -174,7 +174,7 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
static inline unsigned long brk_rnd(void) static inline unsigned long brk_rnd(void)
{ {
unsigned long rnd = get_random_int(); unsigned long rnd = get_random_long();
rnd = rnd << PAGE_SHIFT; rnd = rnd << PAGE_SHIFT;
/* 8MB for 32bit, 256MB for 64bit */ /* 8MB for 32bit, 256MB for 64bit */
......
...@@ -1768,9 +1768,9 @@ static inline unsigned long brk_rnd(void) ...@@ -1768,9 +1768,9 @@ static inline unsigned long brk_rnd(void)
/* 8MB for 32bit, 1GB for 64bit */ /* 8MB for 32bit, 1GB for 64bit */
if (is_32bit_task()) if (is_32bit_task())
rnd = (long)(get_random_int() % (1<<(23-PAGE_SHIFT))); rnd = (get_random_long() % (1UL<<(23-PAGE_SHIFT)));
else else
rnd = (long)(get_random_int() % (1<<(30-PAGE_SHIFT))); rnd = (get_random_long() % (1UL<<(30-PAGE_SHIFT)));
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
......
...@@ -59,9 +59,9 @@ unsigned long arch_mmap_rnd(void) ...@@ -59,9 +59,9 @@ unsigned long arch_mmap_rnd(void)
/* 8MB for 32bit, 1GB for 64bit */ /* 8MB for 32bit, 1GB for 64bit */
if (is_32bit_task()) if (is_32bit_task())
rnd = (unsigned long)get_random_int() % (1<<(23-PAGE_SHIFT)); rnd = get_random_long() % (1<<(23-PAGE_SHIFT));
else else
rnd = (unsigned long)get_random_int() % (1<<(30-PAGE_SHIFT)); rnd = get_random_long() % (1UL<<(30-PAGE_SHIFT));
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
......
...@@ -264,7 +264,7 @@ static unsigned long mmap_rnd(void) ...@@ -264,7 +264,7 @@ static unsigned long mmap_rnd(void)
unsigned long rnd = 0UL; unsigned long rnd = 0UL;
if (current->flags & PF_RANDOMIZE) { if (current->flags & PF_RANDOMIZE) {
unsigned long val = get_random_int(); unsigned long val = get_random_long();
if (test_thread_flag(TIF_32BIT)) if (test_thread_flag(TIF_32BIT))
rnd = (val % (1UL << (23UL-PAGE_SHIFT))); rnd = (val % (1UL << (23UL-PAGE_SHIFT)));
else else
......
...@@ -71,12 +71,12 @@ unsigned long arch_mmap_rnd(void) ...@@ -71,12 +71,12 @@ unsigned long arch_mmap_rnd(void)
if (mmap_is_ia32()) if (mmap_is_ia32())
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_compat_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_compat_bits) - 1);
#else #else
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1);
#endif #endif
else else
rnd = (unsigned long)get_random_int() & ((1 << mmap_rnd_bits) - 1); rnd = get_random_long() & ((1UL << mmap_rnd_bits) - 1);
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
......
...@@ -653,7 +653,7 @@ static unsigned long randomize_stack_top(unsigned long stack_top) ...@@ -653,7 +653,7 @@ static unsigned long randomize_stack_top(unsigned long stack_top)
if ((current->flags & PF_RANDOMIZE) && if ((current->flags & PF_RANDOMIZE) &&
!(current->personality & ADDR_NO_RANDOMIZE)) { !(current->personality & ADDR_NO_RANDOMIZE)) {
random_variable = (unsigned long) get_random_int(); random_variable = get_random_long();
random_variable &= STACK_RND_MASK; random_variable &= STACK_RND_MASK;
random_variable <<= PAGE_SHIFT; random_variable <<= PAGE_SHIFT;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment