From patchwork Wed Nov 18 22:48:21 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Daniel Cashman <dcashman@android.com>
X-Patchwork-Id: 7653251
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
X-Original-To: patchwork-linux-arm@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id C06F7BF90C
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 18 Nov 2015 22:51:57 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id DA9E5204D5
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 18 Nov 2015 22:51:56 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org
	[198.137.202.9])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 1315F204D1
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 18 Nov 2015 22:51:56 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
	id 1ZzBY2-0006I0-0N; Wed, 18 Nov 2015 22:49:54 +0000
Received: from mail-pa0-x232.google.com ([2607:f8b0:400e:c03::232])
	by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat
	Linux)) id 1ZzBXN-0005q6-QZ
	for linux-arm-kernel@lists.infradead.org;
	Wed, 18 Nov 2015 22:49:16 +0000
Received: by pacej9 with SMTP id ej9so58528028pac.2
	for <linux-arm-kernel@lists.infradead.org>;
	Wed, 18 Nov 2015 14:48:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=android.com; s=20120917;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=1M/xKyD2ewI/tf1G3J2CDaWX7pKIQzrwPDaiJywcs4w=;
	b=iXkh7aPLf2Oz7V3AB3D1NzdXTvJ8wj9yyfhjbz7skcc+ReXOeN2Nz8+e7+JwW6EvAT
	PcJSniclSRO9E062B1kd++Xb11ZQsr5oAERHDonRD8EgcmhFMp6/ChxTeAd78YupjnaI
	Dp0hypcUliZ9Rf3awPesaDBjHqMQVYYXelrM0SZYX1HPC2pKCnqtQcZ+sKOjWYt8l/LU
	frdXeEAxRW7DS7nxCC6/j2ZsrAw4U6O2rtS7iKHSijznd6xvdmzUrqBe9vgtsYt/9g3X
	qMV7HUBM5NC3R8Xt7epWQAuIrq5Lm5yvB/BmzL9Te4RXtsOW1j7+U4QhUMNFSre6Z8mp
	dAYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=1M/xKyD2ewI/tf1G3J2CDaWX7pKIQzrwPDaiJywcs4w=;
	b=h6ETDDhk+cz0dkzWVOvccx+up1UihEaKrfJ/DKaa5yEOKm6EHhQ5OAz3oOjWH7zmTB
	Ca0Wutk49ibtx/GNTrcahBBXk65kpfnWNo5/qJKEFATBS2Cq6iuuAE139SYpTiZCdZcS
	9n+ZusCZlV5Ob+pu5MsTpIlS5xWAaW4/D1khdGcu3LEnOSnGRhwJ0/Gmrm7tgBOIyAEp
	aAJB6li3ls7Uem1O7qz7w+SKzgB9X2gJB+nGrnb9IOIinXmZr5xND++fA0QgX4aNd5iy
	51buOtxYlvHh/nQwEAPj8IjFLdcWA8ThNDNf5/uwC0AOoKERH/pJDeAgBsIdnqvraYZp
	qzOA==
X-Gm-Message-State: 
 ALoCoQnrj0LiYM5nf5wCnfMC1o3eJNku/FIuf15Nd4pUp4mpiLEOowSDWXoFlFUjqn6tIRV+CRqg
X-Received: by 10.67.4.38 with SMTP id cb6mr5781968pad.34.1447886933298;
	Wed, 18 Nov 2015 14:48:53 -0800 (PST)
Received: from dcashman.mtv.corp.google.com ([172.22.115.19])
	by smtp.gmail.com with ESMTPSA id
	eg5sm6228923pac.30.2015.11.18.14.48.51
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 18 Nov 2015 14:48:52 -0800 (PST)
From: Daniel Cashman <dcashman@android.com>
To: linux-kernel@vger.kernel.org
Subject: [PATCH 4/4] x86: mm: support ARCH_MMAP_RND_BITS.
Date: Wed, 18 Nov 2015 14:48:21 -0800
Message-Id: <1447886901-26098-5-git-send-email-dcashman@android.com>
X-Mailer: git-send-email 2.6.0.rc2.230.g3dd15c0
In-Reply-To: <1447886901-26098-4-git-send-email-dcashman@android.com>
References: <1447886901-26098-1-git-send-email-dcashman@android.com>
	<1447886901-26098-2-git-send-email-dcashman@android.com>
	<1447886901-26098-3-git-send-email-dcashman@android.com>
	<1447886901-26098-4-git-send-email-dcashman@android.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20151118_144914_109719_06F6BD41 
X-CRM114-Status: GOOD (  11.51  )
X-Spam-Score: -2.7 (--)
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: dcashman@google.com, linux-doc@vger.kernel.org, catalin.marinas@arm.com,
	will.deacon@arm.com, linux-mm@kvack.org, hpa@zytor.com, mingo@kernel.org,
	aarcange@redhat.com, linux@arm.linux.org.uk, corbet@lwn.net,
	xypron.glpk@gmx.de, x86@kernel.org, hecmargi@upv.es, mgorman@suse.de,
	rientjes@google.com, bp@suse.de, nnk@google.com, dzickus@redhat.com,
	keescook@chromium.org, jpoimboe@redhat.com, tglx@linutronix.de,
	n-horiguchi@ah.jp.nec.com, linux-arm-kernel@lists.infradead.org,
	salyzyn@android.com, ebiederm@xmission.com, jeffv@google.com,
	akpm@linux-foundation.org, kirill.shutemov@linux.intel.com
MIME-Version: 1.0
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Spam-Status: No, score=-4.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY
	autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: dcashman <dcashman@google.com>

x86: arch_mmap_rnd() uses hard-coded values, 8 for 32-bit and 28 for
64-bit, to generate the random offset for the mmap base address.
This value represents a compromise between increased ASLR
effectiveness and avoiding address-space fragmentation. Replace it
with a Kconfig option, which is sensibly bounded, so that platform
developers may choose where to place this compromise. Keep default
values as new minimums.

Signed-off-by: Daniel Cashman <dcashman@google.com>
---
 arch/x86/Kconfig   | 16 ++++++++++++++++
 arch/x86/mm/mmap.c | 12 ++++++------
 2 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index db3622f..12768c4 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -82,6 +82,8 @@ config X86
 	select HAVE_ARCH_KASAN			if X86_64 && SPARSEMEM_VMEMMAP
 	select HAVE_ARCH_KGDB
 	select HAVE_ARCH_KMEMCHECK
+	select HAVE_ARCH_MMAP_RND_BITS
+	select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
 	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_SOFT_DIRTY		if X86_64
 	select HAVE_ARCH_TRACEHOOK
@@ -183,6 +185,20 @@ config HAVE_LATENCYTOP_SUPPORT
 config MMU
 	def_bool y
 
+config ARCH_MMAP_RND_BITS_MIN
+       default 28 if 64BIT
+       default 8
+
+config ARCH_MMAP_RND_BITS_MAX
+	default 32 if 64BIT
+	default 16
+
+config ARCH_MMAP_RND_COMPAT_BITS_MIN
+	default 8
+
+config ARCH_MMAP_RND_COMPAT_BITS_MAX
+	default 16
+
 config SBUS
 	bool
 
diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
index 844b06d..647fecf 100644
--- a/arch/x86/mm/mmap.c
+++ b/arch/x86/mm/mmap.c
@@ -69,14 +69,14 @@ unsigned long arch_mmap_rnd(void)
 {
 	unsigned long rnd;
 
-	/*
-	 *  8 bits of randomness in 32bit mmaps, 20 address space bits
-	 * 28 bits of randomness in 64bit mmaps, 40 address space bits
-	 */
 	if (mmap_is_ia32())
-		rnd = (unsigned long)get_random_int() % (1<<8);
+#ifdef CONFIG_COMPAT
+		rnd = (unsigned long)get_random_int() % (1 << mmap_rnd_compat_bits);
+#else
+		rnd = (unsigned long)get_random_int() % (1 << mmap_rnd_bits);
+#endif
 	else
-		rnd = (unsigned long)get_random_int() % (1<<28);
+		rnd = (unsigned long)get_random_int() % (1 << mmap_rnd_bits);
 
 	return rnd << PAGE_SHIFT;
 }