Re: brk randomization breaks columns

Tue, 05 Feb 2008 14:05:58 -0800 

Hi!

> > . Yes, setarch i386 -R /usr/local/bin/uemacs (etc) fixes them, too.
> >     
> > What about this?
> > 
> > Heap randomization breaks /lib/libc.so.5.4.33, make it possible to 
> > randomize normal stuff but leave the heap alone.
> 
> certainly looks fine to me, but please also add a .config to make it 
> default to 2. The reason is that a good portions of the overflows happen 
> on the heap and 99.9% of the Linux users do not run 1996-era glibc 
> anymore.
> 
> something like CONFIG_COMPAT_BRK=y, which would cause randomize_va_space 
> to default to 1, and if a user or distro disables it, it will default to 
> 2.

I named it slightly differently, but idea is same. Heap randomization
breaks ancient binaries, so disable it by default.

Signed-off-by: Pavel Machek <[EMAIL PROTECTED]>

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 18ed6dd..4b099ea 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -1077,7 +1077,7 @@ #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGE
        current->mm->start_stack = bprm->p;
 
 #ifdef arch_randomize_brk
-       if (current->flags & PF_RANDOMIZE)
+       if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1))
                current->mm->brk = current->mm->start_brk =
                        arch_randomize_brk(current->mm);
 #endif
diff --git a/init/Kconfig b/init/Kconfig
index dcc96a8..37c7852 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -541,6 +541,16 @@ config ELF_CORE
        help
          Enable support for generating core dumps. Disabling saves about 4k.
 
+config RANDOMIZE_HEAP
+       bool "Randomize heap placement"
+       help
+         Randomizing heap placement makes heap exploits harder, but it also
+         breaks old programs (including anything libc5 based). This only
+         changes default, and can be overriden in runtime by tweaking
+         /proc/sys/kernel/randomize_va_space.
+
+         N is safe choice here.          
+
 config BASE_FULL
        default y
        bool "Enable full-sized data structures for core" if EMBEDDED
diff --git a/mm/memory.c b/mm/memory.c
index 4706af1..5134014 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -82,7 +82,12 @@ void * high_memory;
 EXPORT_SYMBOL(num_physpages);
 EXPORT_SYMBOL(high_memory);
 
-int randomize_va_space __read_mostly = 1;
+int randomize_va_space __read_mostly = 
+#ifdef CONFIG_RANDOMIZE_HEAP
+                                       2;
+#else
+                                       1;
+#endif
 
 static int __init disable_randmaps(char *s)
 {


-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to