[PATCH 4.9 05/32] s390: limit brk randomization to 32MB

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Stefan Liebler <stli@linux.ibm.com>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	"Sasha Levin (Microsoft)" <sashal@kernel.org>
Subject: [PATCH 4.9 05/32] s390: limit brk randomization to 32MB
Date: Thu,  2 May 2019 17:20:51 +0200	[thread overview]
Message-ID: <20190502143317.201689230@linuxfoundation.org> (raw)
In-Reply-To: <20190502143314.649935114@linuxfoundation.org>

[ Upstream commit cd479eccd2e057116d504852814402a1e68ead80 ]

For a 64-bit process the randomization of the program break is quite
large with 1GB. That is as big as the randomization of the anonymous
mapping base, for a test case started with '/lib/ld64.so.1 <exec>'
it can happen that the heap is placed after the stack. To avoid
this limit the program break randomization to 32MB for 64-bit and
keep 8MB for 31-bit.

Reported-by: Stefan Liebler <stli@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Sasha Levin (Microsoft) <sashal@kernel.org>
---
 arch/s390/include/asm/elf.h | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/arch/s390/include/asm/elf.h b/arch/s390/include/asm/elf.h
index 8d665f1b29f8..f0fe566a9910 100644
--- a/arch/s390/include/asm/elf.h
+++ b/arch/s390/include/asm/elf.h
@@ -215,11 +215,14 @@ do {								\
 
 /*
  * Cache aliasing on the latest machines calls for a mapping granularity
- * of 512KB. For 64-bit processes use a 512KB alignment and a randomization
- * of up to 1GB. For 31-bit processes the virtual address space is limited,
- * use no alignment and limit the randomization to 8MB.
+ * of 512KB for the anonymous mapping base. For 64-bit processes use a
+ * 512KB alignment and a randomization of up to 1GB. For 31-bit processes
+ * the virtual address space is limited, use no alignment and limit the
+ * randomization to 8MB.
+ * For the additional randomization of the program break use 32MB for
+ * 64-bit and 8MB for 31-bit.
  */
-#define BRK_RND_MASK	(is_compat_task() ? 0x7ffUL : 0x3ffffUL)
+#define BRK_RND_MASK	(is_compat_task() ? 0x7ffUL : 0x1fffUL)
 #define MMAP_RND_MASK	(is_compat_task() ? 0x7ffUL : 0x3ff80UL)
 #define MMAP_ALIGN_MASK	(is_compat_task() ? 0 : 0x7fUL)
 #define STACK_RND_MASK	MMAP_RND_MASK
-- 
2.19.1

next prev parent reply	other threads:[~2019-05-02 15:50 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-02 15:20 [PATCH 4.9 00/32] 4.9.173-stable review Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 01/32] usbnet: ipheth: prevent TX queue timeouts when device not ready Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 02/32] usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 03/32] media: vivid: check if the cec_adapter is valid Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 04/32] ARM: dts: bcm283x: Fix hdmi hpd gpio pull Greg Kroah-Hartman
2019-05-02 15:20 ` Greg Kroah-Hartman [this message]
2019-05-02 15:20 ` [PATCH 4.9 06/32] qlcnic: Avoid potential NULL pointer dereference Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 07/32] netfilter: nft_set_rbtree: check for inactive element after flag mismatch Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 08/32] netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 09/32] sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 10/32] serial: ar933x_uart: Fix build failure with disabled console Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 11/32] usb: gadget: net2280: Fix overrun of OUT messages Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 12/32] usb: gadget: net2280: Fix net2280_dequeue() Greg Kroah-Hartman
2019-05-02 15:20 ` [PATCH 4.9 13/32] usb: gadget: net2272: Fix net2272_dequeue() Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 14/32] ARM: dts: pfla02: increase phy reset duration Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 15/32] net: ks8851: Dequeue RX packets explicitly Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 16/32] net: ks8851: Reassert reset pin if chip ID check fails Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 17/32] net: ks8851: Delay requesting IRQ until opened Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 18/32] net: ks8851: Set initial carrier state to down Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 19/32] staging: rtl8712: uninitialized memory in read_bbreg_hdl() Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 20/32] NFS: Fix a typo in nfs_init_timeout_values() Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 21/32] net: xilinx: fix possible object reference leak Greg Kroah-Hartman
2019-05-02 15:21   ` Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 22/32] net: ibm: " Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 23/32] net: ethernet: ti: " Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 24/32] scsi: qla4xxx: fix a potential NULL pointer dereference Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 25/32] usb: u132-hcd: fix resource leak Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 26/32] ceph: fix use-after-free on symlink traversal Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 27/32] scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 28/32] libata: fix using DMA buffers on stack Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 29/32] gpio: of: Fix of_gpiochip_add() error path Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 30/32] kconfig/[mn]conf: handle backspace (^H) key Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 31/32] leds: pca9532: fix a potential NULL pointer dereference Greg Kroah-Hartman
2019-05-02 15:21 ` [PATCH 4.9 32/32] vfio/type1: Limit DMA mappings per container Greg Kroah-Hartman
2019-05-02 23:06 ` [PATCH 4.9 00/32] 4.9.173-stable review kernelci.org bot
2019-05-03  7:04 ` Naresh Kamboju
2019-05-03  9:27 ` Jon Hunter
2019-05-03  9:27   ` Jon Hunter
2019-05-03 17:15 ` Guenter Roeck
2019-05-03 21:21 ` shuah

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:8d665f1b29f dfblob:f0fe566a991 )
 OR (
bs:"[PATCH 4.9 05/32] s390: limit brk randomization to 32MB" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190502143317.201689230@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=sashal@kernel.org \
    --cc=schwidefsky@de.ibm.com \
    --cc=stable@vger.kernel.org \
    --cc=stli@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.