This commit simply raises the random offset of brk to 32MB and 1GB,
up from 8MB and 256MB, for 32bit and 64bit respectively.

Suggested-by: Kees Cook <keesc...@chromium.org>
Signed-off-by: Alexandre Ghiti <a...@ghiti.fr>
Reviewed-by: Kees Cook <keesc...@chromium.org>
---
 arch/mips/mm/mmap.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c
index a7e84b2e71d7..faa5aa615389 100644
--- a/arch/mips/mm/mmap.c
+++ b/arch/mips/mm/mmap.c
@@ -16,6 +16,7 @@
 #include <linux/random.h>
 #include <linux/sched/signal.h>
 #include <linux/sched/mm.h>
+#include <linux/sizes.h>
 
 unsigned long shm_align_mask = PAGE_SIZE - 1;  /* Sane caches */
 EXPORT_SYMBOL(shm_align_mask);
@@ -189,11 +190,11 @@ static inline unsigned long brk_rnd(void)
        unsigned long rnd = get_random_long();
 
        rnd = rnd << PAGE_SHIFT;
-       /* 8MB for 32bit, 256MB for 64bit */
+       /* 32MB for 32bit, 1GB for 64bit */
        if (TASK_IS_32BIT_ADDR)
-               rnd = rnd & 0x7ffffful;
+               rnd = rnd & SZ_32M;
        else
-               rnd = rnd & 0xffffffful;
+               rnd = rnd & SZ_1G;
 
        return rnd;
 }
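Review bot: `SZ_32M` and `SZ_1G` are single-bit size constants, not low-bit masks, so `rnd & SZ_32M` and `rnd & SZ_1G` can each yield only 0 or the full size. That leaves one bit of brk randomization in both branches instead of widening the range. The replaced literals `0x7ffffful` and `0xffffffful` were size-minus-one masks; the equivalent here is `rnd = rnd & (SZ_32M - 1);` and `rnd = rnd & (SZ_1G - 1);`. Because `rnd` is shifted left by `PAGE_SHIFT` before masking, the result stays page-aligned with those masks. The signature and opening brace of brk_rnd() sit outside the hunk.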
-- 
2.20.1
