Commit e7142bf5 authored by Alexandre Ghiti's avatar Alexandre Ghiti Committed by Linus Torvalds

arm64, mm: make randomization selected by generic topdown mmap layout

This commits selects ARCH_HAS_ELF_RANDOMIZE when an arch uses the generic
topdown mmap layout functions so that this security feature is on by
default.

Note that this commit also removes the possibility for arm64 to have elf
randomization and no MMU: without MMU, the security added by randomization
is worth nothing.

Link: http://lkml.kernel.org/r/20190730055113.23635-6-alex@ghiti.frSigned-off-by: default avatarAlexandre Ghiti <alex@ghiti.fr>
Acked-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Acked-by: default avatarKees Cook <keescook@chromium.org>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Reviewed-by: default avatarLuis Chamberlain <mcgrof@kernel.org>
Cc: Albert Ou <aou@eecs.berkeley.edu>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: James Hogan <jhogan@kernel.org>
Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Paul Burton <paul.burton@mips.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 67f3977f
...@@ -715,6 +715,7 @@ config HAVE_ARCH_COMPAT_MMAP_BASES ...@@ -715,6 +715,7 @@ config HAVE_ARCH_COMPAT_MMAP_BASES
config ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT config ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT
bool bool
depends on MMU depends on MMU
select ARCH_HAS_ELF_RANDOMIZE
config HAVE_COPY_THREAD_TLS config HAVE_COPY_THREAD_TLS
bool bool
......
...@@ -15,7 +15,6 @@ config ARM64 ...@@ -15,7 +15,6 @@ config ARM64
select ARCH_HAS_DMA_COHERENT_TO_PFN select ARCH_HAS_DMA_COHERENT_TO_PFN
select ARCH_HAS_DMA_PREP_COHERENT select ARCH_HAS_DMA_PREP_COHERENT
select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
select ARCH_HAS_ELF_RANDOMIZE
select ARCH_HAS_FAST_MULTIPLIER select ARCH_HAS_FAST_MULTIPLIER
select ARCH_HAS_FORTIFY_SOURCE select ARCH_HAS_FORTIFY_SOURCE
select ARCH_HAS_GCOV_PROFILE_ALL select ARCH_HAS_GCOV_PROFILE_ALL
......
...@@ -557,14 +557,6 @@ unsigned long arch_align_stack(unsigned long sp) ...@@ -557,14 +557,6 @@ unsigned long arch_align_stack(unsigned long sp)
return sp & ~0xf; return sp & ~0xf;
} }
unsigned long arch_randomize_brk(struct mm_struct *mm)
{
if (is_compat_task())
return randomize_page(mm->brk, SZ_32M);
else
return randomize_page(mm->brk, SZ_1G);
}
/* /*
* Called from setup_new_exec() after (COMPAT_)SET_PERSONALITY. * Called from setup_new_exec() after (COMPAT_)SET_PERSONALITY.
*/ */
......
...@@ -321,7 +321,15 @@ unsigned long randomize_stack_top(unsigned long stack_top) ...@@ -321,7 +321,15 @@ unsigned long randomize_stack_top(unsigned long stack_top)
} }
#ifdef CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT #ifdef CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT
#ifdef CONFIG_ARCH_HAS_ELF_RANDOMIZE unsigned long arch_randomize_brk(struct mm_struct *mm)
{
/* Is the current task 32bit ? */
if (!IS_ENABLED(CONFIG_64BIT) || is_compat_task())
return randomize_page(mm->brk, SZ_32M);
return randomize_page(mm->brk, SZ_1G);
}
unsigned long arch_mmap_rnd(void) unsigned long arch_mmap_rnd(void)
{ {
unsigned long rnd; unsigned long rnd;
...@@ -335,7 +343,6 @@ unsigned long arch_mmap_rnd(void) ...@@ -335,7 +343,6 @@ unsigned long arch_mmap_rnd(void)
return rnd << PAGE_SHIFT; return rnd << PAGE_SHIFT;
} }
#endif /* CONFIG_ARCH_HAS_ELF_RANDOMIZE */
static int mmap_is_legacy(struct rlimit *rlim_stack) static int mmap_is_legacy(struct rlimit *rlim_stack)
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment