From: Kees Cook <keescook@chromium.org>
To: Andy Lutomirski <luto@kernel.org>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>
Cc: Daniel Micay <danielmicay@gmail.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Eric Biederman <ebiederm@xmission.com>,
Brian Gerst <brgerst@gmail.com>,
Nikolay Borisov <nik.borisov@suse.com>,
"Chang S. Bae" <chang.seok.bae@intel.com>,
Igor Zhbanov <i.zhbanov@omprussia.ru>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Randy Dunlap <rdunlap@infradead.org>,
linux-mm@kvack.org, John Allen <john.allen@amd.com>,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] x86/vdso: Move vDSO to mmap region
Date: Fri, 16 Feb 2024 21:31:01 -0800
Message-ID: <202402162129.792C1AC@keescook>
In-Reply-To: <20240210091827.work.233-kees@kernel.org>

On Sat, Feb 10, 2024 at 01:18:35AM -0800, Kees Cook wrote:
> The vDSO (and its initial randomization) was introduced in commit
> 2aae950b21e4 ("x86_64: Add vDSO for x86-64 with gettimeofday/clock_gettime/getcpu"),
> but had very low entropy. The entropy was improved in commit
> 394f56fe4801 ("x86_64, vdso: Fix the vdso address randomization algorithm"),
> but there is still improvement to be made.
>
> On principle there should not be executable code at a low entropy offset
> from the stack, since the stack and executable code having separate
> randomization is part of what makes ASLR stronger.
>
> Remove the only executable code near the stack region and give the vDSO
> the same randomized base as other mmap mappings including the linker
> and other shared objects. This results in higher entropy being provided
> and there's little to no advantage in separating this from the existing
> executable code there. This is already how other architectures like
> arm64 handle the vDSO.

Thread ping. Anyone have thoughts on this? I can carry it in -next to
see if anything melts...

--
Kees Cook
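
A way to observe the layout change the quoted commit message describes, as an added example that is not part of this message or the patch: it parses `/proc/<pid>/maps` text and reports whether `[vdso]` sits closer to `[stack]` or to the first executable shared-object mapping. The two sample layouts and all helper names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Start addresses of the mappings that matter for vDSO placement. */
struct layout { uint64_t vdso, stack, lib; };

/* Parse /proc/<pid>/maps text; lib = first executable mapping of a ".so" file. */
static struct layout parse_maps(const char *text)
{
    struct layout l = {0, 0, 0};
    for (; *text; text += strcspn(text, "\n"), text += (*text == '\n')) {
        unsigned long long start;
        char perms[8], path[256] = "";
        /* Five fields always precede the optional path, which ends at '\n'. */
        if (sscanf(text, "%llx-%*llx %7s %*s %*s %*s%255[^\n]", &start, perms, path) < 2)
            continue;
        if (strstr(path, "[vdso]")) l.vdso = start;
        else if (strstr(path, "[stack]")) l.stack = start;
        else if (!l.lib && perms[2] == 'x' && strstr(path, ".so")) l.lib = start;
    }
    return l;
}

static uint64_t dist(uint64_t a, uint64_t b) { return a > b ? a - b : b - a; }

/* 1: vDSO closer to the stack than to shared objects; 0: the reverse; -1: unknown. */
static int vdso_near_stack(const struct layout *l)
{
    if (!l->vdso || !l->stack || !l->lib) return -1;
    return dist(l->vdso, l->stack) < dist(l->vdso, l->lib);
}

/* Constructed sample layouts, not captured from a real system. */
static const char OLD_MAPS[] =
    "7f3a5c9d4000-7f3a5c9fe000 r-xp 00002000 08:01 131 /usr/lib/ld-linux-x86-64.so.2\n"
    "7ffd1c3e0000-7ffd1c401000 rw-p 00000000 00:00 0 [stack]\n"
    "7ffd1c5b9000-7ffd1c5bb000 r-xp 00000000 00:00 0 [vdso]\n";
static const char NEW_MAPS[] =
    "7f3a5c9d2000-7f3a5c9d4000 r-xp 00000000 00:00 0 [vdso]\n"
    "7f3a5c9d4000-7f3a5c9fe000 r-xp 00002000 08:01 131 /usr/lib/ld-linux-x86-64.so.2\n"
    "7ffd1c3e0000-7ffd1c401000 rw-p 00000000 00:00 0 [stack]\n";

int main(void)
{
    struct layout o = parse_maps(OLD_MAPS), n = parse_maps(NEW_MAPS);
    printf("stack-adjacent sample: %d, mmap-region sample: %d\n",
           vdso_near_stack(&o), vdso_near_stack(&n));
    return 0;
}
```

To check a running system, pass the contents of `/proc/self/maps` to `parse_maps()`; a statically linked process has no shared-object mapping and yields -1.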