diff options
| author | Kees Cook <keescook@chromium.org> | 2014-02-25 16:59:17 -0800 |
|---|---|---|
| committer | H. Peter Anvin <hpa@linux.intel.com> | 2014-02-25 17:07:26 -0800 |
| commit | e2b32e6785138d92d2a40e0d0473575c8c7310a2 (patch) | |
| tree | 1522d169745c58697194f3656bb437363bdfcd78 /.gitignore | |
| parent | cfbf8d4857c26a8a307fb7cd258074c9dcd8c691 (diff) | |
| download | blackbird-op-linux-e2b32e6785138d92d2a40e0d0473575c8c7310a2.tar.gz blackbird-op-linux-e2b32e6785138d92d2a40e0d0473575c8c7310a2.zip | |
x86, kaslr: randomize module base load address
Randomize the load address of modules in the kernel to make kASLR
effective for modules. Modules can only be loaded within a particular
range of virtual address space. This patch adds 10 bits of entropy to
the load address by adding 1-1024 * PAGE_SIZE to the beginning range
where modules are loaded.
The single base offset was chosen because randomizing each module
load ends up wasting/fragmenting memory too much. Prior approaches to
minimizing fragmentation while doing randomization tend to result in
worse entropy than just doing a single base address offset.
Example kASLR boot without this change, with a single module loaded:
---[ Modules ]---
0xffffffffc0000000-0xffffffffc0001000 4K ro GLB x pte
0xffffffffc0001000-0xffffffffc0002000 4K ro GLB NX pte
0xffffffffc0002000-0xffffffffc0004000 8K RW GLB NX pte
0xffffffffc0004000-0xffffffffc0200000 2032K pte
0xffffffffc0200000-0xffffffffff000000 1006M pmd
---[ End Modules ]---
Example kASLR boot after this change, same module loaded:
---[ Modules ]---
0xffffffffc0000000-0xffffffffc0200000 2M pmd
0xffffffffc0200000-0xffffffffc03bf000 1788K pte
0xffffffffc03bf000-0xffffffffc03c0000 4K ro GLB x pte
0xffffffffc03c0000-0xffffffffc03c1000 4K ro GLB NX pte
0xffffffffc03c1000-0xffffffffc03c3000 8K RW GLB NX pte
0xffffffffc03c3000-0xffffffffc0400000 244K pte
0xffffffffc0400000-0xffffffffff000000 1004M pmd
---[ End Modules ]---
Signed-off-by: Andy Honig <ahonig@google.com>
Link: http://lkml.kernel.org/r/20140226005916.GA27083@www.outflux.net
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Diffstat (limited to '.gitignore')
0 files changed, 0 insertions, 0 deletions
