exec-randomization: brk away from exec rand area

This is a fix for the NX emulation patch to force the brk area well outside of the exec randomization area to avoid future allocation or brk growth collisions. Normally this isn't a problem, except when the text region has been loaded from a PIE binary and the CS limit can't be put just above bss. A test-case that will show failures without this patch can be found here: http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master/annotate/head%3A/scripts/kernel-aslr-collisions/explode-brk.c Signed-off-by: Kees Cook <kees.cook@canonical.com>
author: Dave Jones <davej@redhat.com> 2010-09-03 11:48:57 -0400
committer: Dave Jones <davej@redhat.com> 2010-09-03 11:48:57 -0400
commit: fff25a2ad108da8e32461ee1a3156a09abd58ae4 (patch)
tree: 1a08faf08f1d8d6d9c57b8fa66ed46971a2f2444 /kernel.spec
parent: 55f50f1d146b2f5d524952234ef1673f196a3b60 (diff)
download: kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.gz
kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.xz
kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/kernel.spec b/kernel.spec
index 8342c4a7c..114580fac 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -1877,6 +1877,9 @@ fi
 
 %changelog
 * Fri Sep 03 2010 Dave Jones <davej@redhat.com>
+- exec-randomization: brk away from exec rand area (Kees Cook)
+
+* Fri Sep 03 2010 Dave Jones <davej@redhat.com>
 - Remove the execshield boot parameter.
   Based on a patch from Kees Cook
author	Dave Jones <davej@redhat.com>	2010-09-03 11:48:57 -0400
committer	Dave Jones <davej@redhat.com>	2010-09-03 11:48:57 -0400
commit	fff25a2ad108da8e32461ee1a3156a09abd58ae4 (patch)
tree	1a08faf08f1d8d6d9c57b8fa66ed46971a2f2444 /kernel.spec
parent	55f50f1d146b2f5d524952234ef1673f196a3b60 (diff)
download	kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.gz kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.tar.xz kernel-fff25a2ad108da8e32461ee1a3156a09abd58ae4.zip