From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH 01/11] Kernel: Set CONFIG_ARCH_MMAP_RND_BITS to 32 bits Date: Wed, 23 Mar 2022 11:42:34 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0452033523154384551==" List-Id: --===============0452033523154384551== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable I feel we have talked about this on multiple occasions, yet it never made its= way into the repository. Reviewed-by: Michael Tremer > On 19 Mar 2022, at 21:08, Peter M=C3=BCller wr= ote: >=20 > This follows a recommendation by ClipOS, making ASLR bypassing attempts > harder. >=20 > Signed-off-by: Peter M=C3=BCller > --- > config/kernel/kernel.config.aarch64-ipfire | 2 +- > config/kernel/kernel.config.armv6l-ipfire | 2 +- > config/kernel/kernel.config.riscv64-ipfire | 2 +- > config/kernel/kernel.config.x86_64-ipfire | 2 +- > 4 files changed, 4 insertions(+), 4 deletions(-) >=20 > diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/ker= nel.config.aarch64-ipfire > index 6728fa7f3..4205aa5bc 100644 > --- a/config/kernel/kernel.config.aarch64-ipfire > +++ b/config/kernel/kernel.config.aarch64-ipfire > @@ -702,7 +702,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=3Dy > CONFIG_MODULES_USE_ELF_RELA=3Dy > CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy > CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy > -CONFIG_ARCH_MMAP_RND_BITS=3D18 > +CONFIG_ARCH_MMAP_RND_BITS=3D32 > CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=3Dy > CONFIG_ARCH_MMAP_RND_COMPAT_BITS=3D11 > CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy > diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kern= el.config.armv6l-ipfire > index d8482de92..ef36b8e22 100644 > --- a/config/kernel/kernel.config.armv6l-ipfire > +++ b/config/kernel/kernel.config.armv6l-ipfire > @@ -778,7 +778,7 @@ CONFIG_MODULES_USE_ELF_REL=3Dy > CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy > CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy > CONFIG_HAVE_EXIT_THREAD=3Dy > -CONFIG_ARCH_MMAP_RND_BITS=3D8 > +CONFIG_ARCH_MMAP_RND_BITS=3D32 > CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy > CONFIG_CLONE_BACKWARDS=3Dy > CONFIG_OLD_SIGSUSPEND3=3Dy > diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/ker= nel.config.riscv64-ipfire > index 73911b2ab..d8045c15c 100644 > --- a/config/kernel/kernel.config.riscv64-ipfire > +++ b/config/kernel/kernel.config.riscv64-ipfire > @@ -388,7 +388,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=3Dy > CONFIG_MODULES_USE_ELF_RELA=3Dy > CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy > CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy > -CONFIG_ARCH_MMAP_RND_BITS=3D18 > +CONFIG_ARCH_MMAP_RND_BITS=3D32 > CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy > CONFIG_CLONE_BACKWARDS=3Dy > CONFIG_COMPAT_32BIT_TIME=3Dy > diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kern= el.config.x86_64-ipfire > index 0f322826e..b14815545 100644 > --- a/config/kernel/kernel.config.x86_64-ipfire > +++ b/config/kernel/kernel.config.x86_64-ipfire > @@ -742,7 +742,7 @@ CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=3Dy > CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy > CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy > CONFIG_HAVE_EXIT_THREAD=3Dy > -CONFIG_ARCH_MMAP_RND_BITS=3D28 > +CONFIG_ARCH_MMAP_RND_BITS=3D32 > CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=3Dy > CONFIG_ARCH_MMAP_RND_COMPAT_BITS=3D8 > CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=3Dy > --=20 > 2.34.1 --===============0452033523154384551==--