From: Solar Designer <solar@openwall.com>
To: kernel-hardening@lists.openwall.com
Subject: Re: [kernel-hardening] base address for shared libs
Date: Fri, 12 Aug 2011 08:21:35 +0400
Message-ID: <20110812042135.GA5149@openwall.com>
In-Reply-To: <20110812035729.GB4964@openwall.com>

Vasiliy,

On Fri, Aug 12, 2011 at 07:57:29AM +0400, Solar Designer wrote:
> On Thu, Aug 11, 2011 at 12:32:59PM +0400, Vasiliy Kulikov wrote:
> > Or even use 16 bits as PaX does and don't use ASCII-armor at all.
>
> I think it'd be great to have this as an option. In fact, the code
> could simply try to do ASCII-armor, but also allow one to configure more
> than 11 bits of entropy, in which case the ASCII-armor would be usually
> ineffective. That is, start at max(0x00110000, mmap_min_addr), but add
> to this a random page-aligned offset in a configurable range
> (configurable as number of entropy bits). When the setting is 11 or
> less (and mmap_min_addr is not set unusually high), ASCII-armor is
> guaranteed for libs not exceeding a certain size. When the setting is
> 12 to 14, ASCII-armor is not guaranteed in any case (but may happen in
> some cases nevertheless). For 15+, you have to use a different starting
> address or use two ranges (if the random number has no "1" bits beyond
> bits 0-13, then use the low range, otherwise use a high range).

I think this should be configurable in the 0 to 19 bits range. The
default might be 15, which would mostly fit under the starting address
of non-PIE binaries, taking up only a megabyte above them (you'd need to
use two ranges - 127 MB and 1 MB). So the cost in reduction of maximum
continuous allocation size would be negligible for non-PIE (just 1 MB).

The starting address of 0x00110000 could also be configurable. When
dosemu and Win16 apps in Wine are not needed (are these the users of
this range?), you could simply start at mmap_min_addr and fit all 128 MB
before the binary start.

Alexander
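
The placement rule discussed in this message (start at max(0x00110000, mmap_min_addr), add a random page-aligned offset with a configurable number of entropy bits, and spill into a second range above the binary once the low range is full), as an added example that is not part of the thread or of any kernel patch. It assumes 4 KB pages, a low range ending at 0x08000000, and a caller-supplied `high_start`; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT  12            /* assumption: 4 KB pages (i386) */
#define ARMOR_START 0x00110000u   /* starting address from the message */
#define ARMOR_LIMIT 0x01000000u   /* below this the top address byte is 0x00 */
#define LOW_END     0x08000000u   /* assumption: low range stops just under the
                                     i386 non-PIE load address 0x08048000 */

static uint32_t range_start(uint32_t mmap_min_addr)
{
    return mmap_min_addr > ARMOR_START ? mmap_min_addr : ARMOR_START;
}

/* 1 if a library of lib_size bytes stays below ARMOR_LIMIT for every
   possible random offset at this entropy setting, else 0. */
int armor_guaranteed(unsigned bits, uint32_t mmap_min_addr, uint32_t lib_size)
{
    uint64_t top = range_start(mmap_min_addr)
                 + ((((uint64_t)1 << bits) - 1) << PAGE_SHIFT);
    return top + lib_size <= ARMOR_LIMIT;
}

/* Map a random number to a library base; 0 means "no valid placement".
   high_start is where the caller puts the range above the binary. */
uint32_t lib_base(uint32_t rnd, unsigned bits, uint32_t mmap_min_addr,
                  uint32_t high_start)
{
    uint32_t start = range_start(mmap_min_addr);
    uint64_t off, base;

    if (bits > 19 || start >= LOW_END)
        return 0;
    off = (uint64_t)(rnd & ((1u << bits) - 1)) << PAGE_SHIFT;
    if (off < LOW_END - start)            /* fits under the binary */
        return start + (uint32_t)off;
    base = (uint64_t)high_start + (off - (LOW_END - start));
    return base > UINT32_MAX ? 0 : (uint32_t)base;
}

int main(void)
{
    unsigned bits;
    for (bits = 0; bits <= 19; bits++)
        printf("%2u bits: armor for 1 MB lib %s, max base 0x%08x\n", bits,
               armor_guaranteed(bits, 0, 0x100000) ? "yes" : "no ",
               (unsigned)lib_base(~0u, bits, 0, 0x08100000u /* constructed */));
    return 0;
}
```

With 15 bits and mmap_min_addr at or below 0x00110000, the low range covers about 127 MB and the remaining offsets (about 1 MB) land at `high_start`, matching the split described in the message.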