I feel we have talked about this on multiple occasions, yet it never made its way into the repository.

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 19 Mar 2022, at 21:08, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> This follows a recommendation by ClipOS, making ASLR bypassing attempts
> harder.
> 
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> config/kernel/kernel.config.aarch64-ipfire | 2 +-
> config/kernel/kernel.config.armv6l-ipfire  | 2 +-
> config/kernel/kernel.config.riscv64-ipfire | 2 +-
> config/kernel/kernel.config.x86_64-ipfire  | 2 +-
> 4 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
> index 6728fa7f3..4205aa5bc 100644
> --- a/config/kernel/kernel.config.aarch64-ipfire
> +++ b/config/kernel/kernel.config.aarch64-ipfire
> @@ -702,7 +702,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=y
> CONFIG_MODULES_USE_ELF_RELA=y
> CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
> CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
> -CONFIG_ARCH_MMAP_RND_BITS=18
> +CONFIG_ARCH_MMAP_RND_BITS=32
> CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y
> CONFIG_ARCH_MMAP_RND_COMPAT_BITS=11
> CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y
> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire
> index d8482de92..ef36b8e22 100644
> --- a/config/kernel/kernel.config.armv6l-ipfire
> +++ b/config/kernel/kernel.config.armv6l-ipfire
> @@ -778,7 +778,7 @@ CONFIG_MODULES_USE_ELF_REL=y
> CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
> CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
> CONFIG_HAVE_EXIT_THREAD=y
> -CONFIG_ARCH_MMAP_RND_BITS=8
> +CONFIG_ARCH_MMAP_RND_BITS=32
> CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y
> CONFIG_CLONE_BACKWARDS=y
> CONFIG_OLD_SIGSUSPEND3=y
> diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire
> index 73911b2ab..d8045c15c 100644
> --- a/config/kernel/kernel.config.riscv64-ipfire
> +++ b/config/kernel/kernel.config.riscv64-ipfire
> @@ -388,7 +388,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=y
> CONFIG_MODULES_USE_ELF_RELA=y
> CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
> CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
> -CONFIG_ARCH_MMAP_RND_BITS=18
> +CONFIG_ARCH_MMAP_RND_BITS=32
> CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y
> CONFIG_CLONE_BACKWARDS=y
> CONFIG_COMPAT_32BIT_TIME=y
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
> index 0f322826e..b14815545 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -742,7 +742,7 @@ CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=y
> CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
> CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
> CONFIG_HAVE_EXIT_THREAD=y
> -CONFIG_ARCH_MMAP_RND_BITS=28
> +CONFIG_ARCH_MMAP_RND_BITS=32
> CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y
> CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8
> CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=y
> -- 
> 2.34.1