Hi,

LOL. “Effectiveness” of the KASLR. Do we even have this enabled?

-Michael

> On 4 Jul 2019, at 20:15, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> By feeding more random bits into mmap allocation, the
> effectiveness of KASLR will be improved, making attacks
> trying to bypass address randomisation more difficult.
> 
> Changed sysctl values are:
> 
> vm.mmap_rnd_bits = 32 (default: 28)
> vm.mmap_rnd_compat_bits = 16 (default: 8)
> 
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> config/etc/sysctl.conf | 4 ++++
> 1 file changed, 4 insertions(+)
> 
> diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
> index 9a943fffa..5a67f1795 100644
> --- a/config/etc/sysctl.conf
> +++ b/config/etc/sysctl.conf
> @@ -45,6 +45,10 @@ kernel.kptr_restrict = 2
> # Avoid kernel memory address exposures via dmesg.
> kernel.dmesg_restrict = 1
> 
> +# Improve KASLR effectiveness for mmap
> +vm.mmap_rnd_bits = 32
> +vm.mmap_rnd_compat_bits = 16
> +
> # Minimal preemption granularity for CPU-bound tasks:
> # (default: 1 msec#  (1 + ilog(ncpus)), units: nanoseconds)
> kernel.sched_min_granularity_ns = 10000000
> -- 
> 2.16.4
>