From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] sysctl: improve KASLR effectiveness for mmap
Date: Thu, 04 Jul 2019 20:17:19 +0100
Message-ID: <BB6C185B-2022-4D35-97C6-CB800F08BBB2@ipfire.org>
In-Reply-To: <5e1acef7-1037-f621-0bd5-123519625c50@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6859896023424856492=="
List-Id: <development.lists.ipfire.org>

--===============6859896023424856492==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit

Hi,

LOL. “Effectiveness” of the KASLR. Do we even have this enabled?

-Michael

> On 4 Jul 2019, at 20:15, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> By feeding more random bits into mmap allocation, the
> effectiveness of KASLR will be improved, making attacks
> trying to bypass address randomisation more difficult.
> 
> Changed sysctl values are:
> 
> vm.mmap_rnd_bits = 32 (default: 28)
> vm.mmap_rnd_compat_bits = 16 (default: 8)
> 
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> config/etc/sysctl.conf | 4 ++++
> 1 file changed, 4 insertions(+)
> 
> diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
> index 9a943fffa..5a67f1795 100644
> --- a/config/etc/sysctl.conf
> +++ b/config/etc/sysctl.conf
> @@ -45,6 +45,10 @@ kernel.kptr_restrict = 2
> # Avoid kernel memory address exposures via dmesg.
> kernel.dmesg_restrict = 1
> 
> +# Improve KASLR effectiveness for mmap
> +vm.mmap_rnd_bits = 32
> +vm.mmap_rnd_compat_bits = 16
> +
> # Minimal preemption granularity for CPU-bound tasks:
> # (default: 1 msec#  (1 + ilog(ncpus)), units: nanoseconds)
> kernel.sched_min_granularity_ns = 10000000
> -- 
> 2.16.4
> 


--===============6859896023424856492==--