From patchwork Sat Aug 2 18:16:39 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nathan Lynch X-Patchwork-Id: 4665281 Return-Path: X-Original-To: patchwork-linux-arm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 61EB4C033A for ; Sat, 2 Aug 2014 18:21:17 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 9365A2016C for ; Sat, 2 Aug 2014 18:21:16 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2445320121 for ; Sat, 2 Aug 2014 18:21:15 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1XDds8-0001T3-Mh; Sat, 02 Aug 2014 18:17:36 +0000 Received: from relay1.mentorg.com ([192.94.38.131]) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1XDdrp-0001Lm-Go for linux-arm-kernel@lists.infradead.org; Sat, 02 Aug 2014 18:17:18 +0000 Received: from svr-orw-exc-10.mgc.mentorg.com ([147.34.98.58]) by relay1.mentorg.com with esmtp id 1XDdrS-0004iy-20 from Nathan_Lynch@mentor.com ; Sat, 02 Aug 2014 11:16:54 -0700 Received: from SVR-ORW-FEM-02.mgc.mentorg.com ([147.34.96.206]) by SVR-ORW-EXC-10.mgc.mentorg.com with Microsoft SMTPSVC(6.0.3790.4675); Sat, 2 Aug 2014 11:16:53 -0700 Received: from localhost (147.34.91.1) by SVR-ORW-FEM-02.mgc.mentorg.com (147.34.96.168) with Microsoft SMTP Server (TLS) id 14.2.247.3; Sat, 2 Aug 2014 11:16:00 -0700 From: Nathan Lynch To: Russell King Subject: [PATCH v8 02/10] ARM: place sigpage at a random offset above stack Date: Sat, 2 Aug 2014 13:16:39 -0500 Message-ID: <1407003407-31219-3-git-send-email-nathan_lynch@mentor.com> X-Mailer: git-send-email 1.9.3 In-Reply-To: <1407003407-31219-1-git-send-email-nathan_lynch@mentor.com> References: <1407003407-31219-1-git-send-email-nathan_lynch@mentor.com> MIME-Version: 1.0 X-OriginalArrivalTime: 02 Aug 2014 18:16:53.0922 (UTC) FILETIME=[F0170820:01CFAE7D] X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20140802_111717_605261_75814461 X-CRM114-Status: GOOD ( 12.48 ) X-Spam-Score: -0.0 (/) Cc: Steve Capper , Kees Cook , Arnd Bergmann , Ard Biesheuvel , Will Deacon , Daniel Lezcano , Stephen Boyd , Andy Lutomirski , Jan Glauber , linux-arm-kernel@lists.infradead.org X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The sigpage is currently placed alongside shared libraries etc in the address space. Similar to what x86_64 does for its VDSO, place the sigpage at a randomized offset above the stack so that learning the base address of the sigpage doesn't help expose where shared libraries are loaded in the address space (and vice versa). Signed-off-by: Nathan Lynch Reviewed-by: Kees Cook --- arch/arm/kernel/process.c | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c index 46fbbb3701a0..9e0d931dd475 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -475,6 +475,38 @@ const char *arch_vma_name(struct vm_area_struct *vma) return is_gate_vma(vma) ? "[vectors]" : NULL; } +/* If possible, provide a placement hint at a random offset from the + * stack for the signal page. + */ +static unsigned long sigpage_addr(const struct mm_struct *mm, unsigned int npages) +{ + unsigned long offset; + unsigned long first; + unsigned long last; + unsigned long addr; + unsigned int slots; + + first = PAGE_ALIGN(mm->start_stack); + + last = TASK_SIZE - (npages << PAGE_SHIFT); + + /* No room after stack? */ + if (first > last) + return 0; + + /* Just enough room? */ + if (first == last) + return first; + + slots = ((last - first) >> PAGE_SHIFT) + 1; + + offset = get_random_int() % slots; + + addr = first + (offset << PAGE_SHIFT); + + return addr; +} + static struct page *signal_page; extern struct page *get_signal_page(void); @@ -488,6 +520,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) struct mm_struct *mm = current->mm; struct vm_area_struct *vma; unsigned long addr; + unsigned long hint; int ret = 0; if (!signal_page) @@ -496,7 +529,8 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) return -ENOMEM; down_write(&mm->mmap_sem); - addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0); + hint = sigpage_addr(mm, 1); + addr = get_unmapped_area(NULL, hint, PAGE_SIZE, 0, 0); if (IS_ERR_VALUE(addr)) { ret = addr; goto up_fail;