From: Emmanuel Fleury <emmanuel.fleury@labri.fr>
To: Linux Kernel <linux-kernel@vger.kernel.org>
Subject: Re: How to enable/disable security features on mmap() ?
Date: Thu, 08 Dec 2005 15:39:17 +0100 [thread overview]
Message-ID: <43984595.1090406@labri.fr> (raw)
In-Reply-To: <43984154.5050502@labri.fr>
I guess that setting the variable randomize_va_space to 0 just remove
the stack pointer (sp) randomization.
Seen in arch/i386/kernel/process.c:
unsigned long arch_align_stack(unsigned long sp)
{
if (randomize_va_space)
sp -= get_random_int() % 8192;
return sp & ~0xf;
}
Why not having defined this as a CONFIG_STACK_RANDOMIZATION variables
(you have some need to avoid to use it in the case of the Crusoe processor:
Seen in karch/i386/ernel/cpu/transmeta.c:
#ifdef CONFIG_SYSCTL
/* randomize_va_space slows us down enormously;
it probably triggers retranslation of x86->native bytecode */
randomize_va_space = 0;
#endif
Regards
--
Emmanuel Fleury
Elegance is not optional.
-- Richard O'Keefe
next prev parent reply other threads:[~2005-12-08 14:40 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-08 14:10 How to enable/disable security features on mmap() ? Emmanuel Fleury
2005-12-08 14:14 ` Arjan van de Ven
2005-12-08 14:21 ` Emmanuel Fleury
2005-12-08 14:39 ` Emmanuel Fleury [this message]
2005-12-08 14:49 ` Arjan van de Ven
2005-12-08 14:54 ` Emmanuel Fleury
2005-12-08 15:02 ` Emmanuel Fleury
2005-12-08 15:16 ` linux-os (Dick Johnson)
2005-12-08 15:29 ` Emmanuel Fleury
2005-12-08 15:39 ` Arjan van de Ven
2005-12-08 16:42 ` Nix
2005-12-08 15:37 ` Arjan van de Ven
2005-12-08 16:08 ` linux-os (Dick Johnson)
2005-12-08 16:14 ` Arjan van de Ven
2005-12-08 16:24 ` linux-os (Dick Johnson)
2005-12-08 16:35 ` Arjan van de Ven
2005-12-08 16:20 ` Xavier Bestel
2005-12-08 16:21 ` Arjan van de Ven
2005-12-08 16:30 ` linux-os (Dick Johnson)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43984595.1090406@labri.fr \
--to=emmanuel.fleury@labri.fr \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.