From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 01/11] Kernel: Set CONFIG_ARCH_MMAP_RND_BITS to 32 bits
Date: Sat, 19 Mar 2022 21:08:32 +0000
Message-ID: <cb505ff6-5140-94ea-33ef-e2745a8d9629@ipfire.org>
In-Reply-To: <771528ff-9bb0-2073-4819-471ab16bb920@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4015967515037148134=="
List-Id: <development.lists.ipfire.org>

--===============4015967515037148134==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This follows a recommendation by ClipOS, making ASLR bypassing attempts
harder.

Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
---
 config/kernel/kernel.config.aarch64-ipfire | 2 +-
 config/kernel/kernel.config.armv6l-ipfire  | 2 +-
 config/kernel/kernel.config.riscv64-ipfire | 2 +-
 config/kernel/kernel.config.x86_64-ipfire  | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kerne=
l.config.aarch64-ipfire
index 6728fa7f3..4205aa5bc 100644
--- a/config/kernel/kernel.config.aarch64-ipfire
+++ b/config/kernel/kernel.config.aarch64-ipfire
@@ -702,7 +702,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=3Dy
 CONFIG_MODULES_USE_ELF_RELA=3Dy
 CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy
 CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy
-CONFIG_ARCH_MMAP_RND_BITS=3D18
+CONFIG_ARCH_MMAP_RND_BITS=3D32
 CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=3Dy
 CONFIG_ARCH_MMAP_RND_COMPAT_BITS=3D11
 CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy
diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel=
.config.armv6l-ipfire
index d8482de92..ef36b8e22 100644
--- a/config/kernel/kernel.config.armv6l-ipfire
+++ b/config/kernel/kernel.config.armv6l-ipfire
@@ -778,7 +778,7 @@ CONFIG_MODULES_USE_ELF_REL=3Dy
 CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy
 CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy
 CONFIG_HAVE_EXIT_THREAD=3Dy
-CONFIG_ARCH_MMAP_RND_BITS=3D8
+CONFIG_ARCH_MMAP_RND_BITS=3D32
 CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy
 CONFIG_CLONE_BACKWARDS=3Dy
 CONFIG_OLD_SIGSUSPEND3=3Dy
diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kerne=
l.config.riscv64-ipfire
index 73911b2ab..d8045c15c 100644
--- a/config/kernel/kernel.config.riscv64-ipfire
+++ b/config/kernel/kernel.config.riscv64-ipfire
@@ -388,7 +388,7 @@ CONFIG_HAVE_MOD_ARCH_SPECIFIC=3Dy
 CONFIG_MODULES_USE_ELF_RELA=3Dy
 CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy
 CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy
-CONFIG_ARCH_MMAP_RND_BITS=3D18
+CONFIG_ARCH_MMAP_RND_BITS=3D32
 CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=3Dy
 CONFIG_CLONE_BACKWARDS=3Dy
 CONFIG_COMPAT_32BIT_TIME=3Dy
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel=
.config.x86_64-ipfire
index 0f322826e..b14815545 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -742,7 +742,7 @@ CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=3Dy
 CONFIG_ARCH_HAS_ELF_RANDOMIZE=3Dy
 CONFIG_HAVE_ARCH_MMAP_RND_BITS=3Dy
 CONFIG_HAVE_EXIT_THREAD=3Dy
-CONFIG_ARCH_MMAP_RND_BITS=3D28
+CONFIG_ARCH_MMAP_RND_BITS=3D32
 CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=3Dy
 CONFIG_ARCH_MMAP_RND_COMPAT_BITS=3D8
 CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=3Dy
--=20
2.34.1

--===============4015967515037148134==--