Re: [PATCH][RESEND] PIE randomization

On Fri, 11 May 2007 22:18:16 +0200 (CEST)
Jiri Kosina <[email protected]> wrote:

> On Fri, 11 May 2007, Andrew Morton wrote:
> 
> > >    I sent this patch 5 days ago, nobody replied. So I am giving it 
> > > second attempt. Andrew, is it possible to test this in -mm branch? 
> > > Original mail follows:
> > >     this is something like reaction to this thread: 
> > > http://lkml.org/lkml/2007/1/6/124. I hope I was able to separate the 
> > > PIE randomization part correctly.
> > I don't know what to do with this.  The changelog doesn't tell me what PIE
> > randomization _is_, nor why the kernel would want to do it. "Randomizing 
> > -pie compiled binaries" sounds fairly undesirable, actually ;)
> 
> I think it's precisely what we want to do in case the randomize_va_space 
> is set to 1, don't we? (I haven't yet gone throught the patch though, so I 
> am not sure whether this is the case).

erm, I was being funny.  If you randomize a binary it won't run any more. 
cp /dev/random /bin/login.  Oh well.

My point is, we're not being told what is being randomized here.  Is it the
virtual starting address of the main executable mmap?  Of the shared
libraries also?  Is it the stack location?  What?

I could reverse-engineer that info from the patch, I guess, but I'd prefer
to go in the opposite direction: you tell us what the patch is trying to
do, then we look at it and see if we agree that it is in fact doing that.

> We already have stack randomization and mmap() base randomization but 
> executable base randomization (which is of course only feasible for -pie 
> executables) and brk() randomization still seem to be missing to make it 
> complete.


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [PATCH][RESEND] PIE randomization
    • From: Jiri Kosina <[email protected]>
  • Re: [PATCH][RESEND] PIE randomization
    • From: "Ulrich Drepper" <[email protected]>

• References:
  • [PATCH][RESEND] PIE randomization
    • From: Jan Kratochvil <[email protected]>
  • Re: [PATCH][RESEND] PIE randomization
    • From: Andrew Morton <[email protected]>
  • Re: [PATCH][RESEND] PIE randomization
    • From: Jiri Kosina <[email protected]>

• Prev by Date: Re: [PATCH 1/7] Freezer: Read PF_BORROWED_MM in a nonracy way
• Next by Date: Re: slub-i386-support.patch
• Previous by thread: Re: [PATCH][RESEND] PIE randomization
• Next by thread: Re: [PATCH][RESEND] PIE randomization
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]