From: Kees Cook <kees@kernel.org>
To: Bingwu Zhang <xtex@envs.net>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
Matt Redfearn <matt.redfearn@mips.com>, Yao Zi <me@ziyao.cc>,
Icenowy Zheng <uwu@icenowy.me>,
Jiaxun Yang <jiaxun.yang@flygoat.com>,
linux-mips@vger.kernel.org, linux-kernel@vger.kernel.org,
Bingwu Zhang <xtex@astrafall.org>
Subject: Re: [PATCH] MIPS: Increase default mmap randomization bits for 64-bit
Date: Tue, 31 Mar 2026 14:56:19 -0700 [thread overview]
Message-ID: <202603311456.95207C9F@keescook> (raw)
In-Reply-To: <20260328225738.51613-2-xtex@envs.net>
On Sun, Mar 29, 2026 at 06:57:39AM +0800, Bingwu Zhang wrote:
> From: Bingwu Zhang <xtex@astrafall.org>
>
> Increase mmap randomization bits on 64-bit from [12,18] to [18,20] for
> better strength.
>
> The original default, 12, means that ASLR offset has only (1 << 12) =
> 4096 possibilities. On average, it can be brute-forced in 2048 attempts.
> If a service is configured to restart automatically or can be started
> easily (e.g. execve a suid program), then trying for 4k times can be
> done in one day even when each attempt takes 20s.
> Increasing it to 18 makes brute-force much more difficult and leaves
> more time for operators to find out attacks.
>
> On 64-bit platforms, virtual address space is cheap, so the
> randomization bits can be increased safely without disturbing userland.
>
> In 1091458d09e1 ("MIPS: Randomize mmap if randomize_va_space is set")
> where mmap randomization was first introduced to MIPS, the randomization
> range was 256 MiB, equivalent to 16 randomization bits (if 4K page size).
> In 109c32ffd89d ("MIPS: Add support for ARCH_MMAP_RND_{COMPAT_}BITS")
> where MIPS begin to use ARCH_MMAP_RND_BITS, commit message claimed:
> > The minimum(default) for 64bit is 12bits, again with 4k
> > pagesize this is the same as the current 256MB.
> which is incorrect. (1 << 12) * page_size is 256 MiB only when page size
> is 64 KiB, so the strength of mmap randomization was reduced by 4b.
>
> Fixes: 109c32ffd89d ("MIPS: Add support for ARCH_MMAP_RND_{COMPAT_}BITS")
> Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
I defer to MIPS maintainers, but yeah, let's turn it up if possible.
Reviewed-by: Kees Cook <kees@kernel.org>
--
Kees Cook
next prev parent reply other threads:[~2026-03-31 21:56 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-28 22:57 [PATCH] MIPS: Increase default mmap randomization bits for 64-bit Bingwu Zhang
2026-03-31 21:56 ` Kees Cook [this message]
2026-04-07 12:59 ` Huacai Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202603311456.95207C9F@keescook \
--to=kees@kernel.org \
--cc=jiaxun.yang@flygoat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=matt.redfearn@mips.com \
--cc=me@ziyao.cc \
--cc=tsbogend@alpha.franken.de \
--cc=uwu@icenowy.me \
--cc=xtex@astrafall.org \
--cc=xtex@envs.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.