From: Arjan van de Ven <arjan@infradead.org>
To: Hubert Tonneau <hubert.tonneau@fullpliant.org>
Cc: Andrew Morton <akpm@osdl.org>, linux-kernel@vger.kernel.org
Subject: Re: 2.6.12-rc3 mmap lack of consistency among runs
Date: Fri, 29 Apr 2005 09:29:59 -0400 [thread overview]
Message-ID: <1114781399.6077.8.camel@localhost.localdomain> (raw)
In-Reply-To: <0563I2L12@server5.heliogroup.fr>
On Fri, 2005-04-29 at 12:44 +0000, Hubert Tonneau wrote:
> Andrew Morton wrote:
> >
> > Maybe you're being bitten by the address space randomisation.
> >
> > Try
> > echo 0 > /proc/sys/kernel/randomize_va_space
>
> Ok, it solves my issue, but:
>
> . desabling it through 'echo 0 > /proc/sys/kernel/randomize_va_space' is not
> a solution because only the application knows that it wants it to be desabled,
> and the application is not root so cannot write to /proc; morever the
> application can only speak for itself so desabling should be on a per process
> bias.
there is the setarch command that you can use to disable it on a per
process basis.
> . second, my process restart succeeding roughly in 50% cases means that the
> randomisation performed is just a toy. A virus assuming fixed memory layout
> will still succeed 50% of times to install.
actually no.
It just means that half the time the old value was below the current
boundary, and half the time above. Eg half the time it was in free
space.
> All in all, I'm not concerned about Linux kernel to randomise or not,
> but I need to have a reliable way to request a memory region and be granted
> that I can request the same one in a futur run.
glibc also has some randomisations in places (for cache performance) as
did kernels before 2.6.11 on p4 hyperthreading machines (granted that
was very small randomisation)
The only reliable ways I can think of is to either take a predetermined
address, or to mmap a big chunk first, then your real chunk and then
free the first chunk. Neither are clean or pretty
next prev parent reply other threads:[~2005-04-30 0:39 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-29 12:44 2.6.12-rc3 mmap lack of consistency among runs Hubert Tonneau
2005-04-29 13:20 ` Andrew Morton
2005-04-29 13:34 ` Arjan van de Ven
2005-04-29 13:29 ` Arjan van de Ven [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-04-29 18:36 Hubert Tonneau
2005-04-29 14:25 Hubert Tonneau
2005-04-28 9:59 Hubert Tonneau
2005-04-29 12:47 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1114781399.6077.8.camel@localhost.localdomain \
--to=arjan@infradead.org \
--cc=akpm@osdl.org \
--cc=hubert.tonneau@fullpliant.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox