diff options
| author | Dave Jones <davej@redhat.com> | 2011-09-19 16:44:51 -0400 |
|---|---|---|
| committer | Dave Jones <davej@redhat.com> | 2011-09-19 16:44:51 -0400 |
| commit | bd4ac46f6678cb4a789516ee15990a4ce66e894b (patch) | |
| tree | a045b207f221a08d0e2df8f10645a4d0369f4022 /linux-2.6-i386-nx-emulation.patch | |
| parent | 90792faae211f9978fa9704df74afc6bff5b668f (diff) | |
| download | kernel-bd4ac46f6678cb4a789516ee15990a4ce66e894b.tar.gz kernel-bd4ac46f6678cb4a789516ee15990a4ce66e894b.tar.xz kernel-bd4ac46f6678cb4a789516ee15990a4ce66e894b.zip | |
Merge some improvements to the 32bit mmap randomisation from Kees Cook.
Diffstat (limited to 'linux-2.6-i386-nx-emulation.patch')
| -rw-r--r-- | linux-2.6-i386-nx-emulation.patch | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/linux-2.6-i386-nx-emulation.patch b/linux-2.6-i386-nx-emulation.patch index fb58c612e..07a0faec8 100644 --- a/linux-2.6-i386-nx-emulation.patch +++ b/linux-2.6-i386-nx-emulation.patch @@ -592,25 +592,3 @@ mmu_notifier_invalidate_range_start(mm, start, end); if (is_vm_hugetlb_page(vma)) hugetlb_change_protection(vma, start, end, vma->vm_page_prot); -diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c -index 57d1868..29c0c35 100644 ---- a/arch/x86/kernel/process.c -+++ b/arch/x86/kernel/process.c -@@ -669,6 +669,16 @@ unsigned long arch_align_stack(unsigned long sp) - unsigned long arch_randomize_brk(struct mm_struct *mm) - { - unsigned long range_end = mm->brk + 0x02000000; -- return randomize_range(mm->brk, range_end, 0) ? : mm->brk; -+ unsigned long bump = 0; -+#ifdef CONFIG_X86_32 -+ /* in the case of NX emulation, shove the brk segment way out of the -+ way of the exec randomization area, since it can collide with -+ future allocations if not. */ -+ if ( (mm->get_unmapped_exec_area == arch_get_unmapped_exec_area) && -+ (mm->brk < 0x08000000) ) { -+ bump = (TASK_SIZE/6); -+ } -+#endif -+ return bump + (randomize_range(mm->brk, range_end, 0) ? : mm->brk); - } - |