diff options
author | Dave Jones <davej@redhat.com> | 2010-09-03 11:48:57 -0400 |
---|---|---|
committer | Dave Jones <davej@redhat.com> | 2010-09-03 11:48:57 -0400 |
commit | fff25a2ad108da8e32461ee1a3156a09abd58ae4 (patch) | |
tree | 1a08faf08f1d8d6d9c57b8fa66ed46971a2f2444 /kernel.spec | |
parent | 55f50f1d146b2f5d524952234ef1673f196a3b60 (diff) | |
download | kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.gz kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.xz kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.zip |
exec-randomization: brk away from exec rand area
This is a fix for the NX emulation patch to force the brk area well
outside of the exec randomization area to avoid future allocation or brk
growth collisions. Normally this isn't a problem, except when the text
region has been loaded from a PIE binary and the CS limit can't be put
just above bss.
A test-case that will show failures without this patch can be found here:
http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master/annotate/head%3A/scripts/kernel-aslr-collisions/explode-brk.c
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Diffstat (limited to 'kernel.spec')
-rw-r--r-- | kernel.spec | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/kernel.spec b/kernel.spec index 8342c4a7c..114580fac 100644 --- a/kernel.spec +++ b/kernel.spec @@ -1877,6 +1877,9 @@ fi %changelog * Fri Sep 03 2010 Dave Jones <davej@redhat.com> +- exec-randomization: brk away from exec rand area (Kees Cook) + +* Fri Sep 03 2010 Dave Jones <davej@redhat.com> - Remove the execshield boot parameter. Based on a patch from Kees Cook |