Re: [PATCH] x86: Enable full randomization on i386 and X86_32.

[Kees Cook]

On Fri, Mar 11, 2016 at 12:53 AM, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
>
> * Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
>> On Thu, Mar 10, 2016 at 12:53 PM, Arjan van de Ven
>> <arjan@xxxxxxxxxxxxxxx> wrote:
>> >> Arjan, or other folks, can you remember why x86_32 disabled mmap
>> >> randomization here? There doesn't seem to be a good reason for it that
>> >> I see.
>> >
>> >
>> > for unlimited stack it got really messy with threaded apps.
>>
>> Seems like it'd only cause problems for really really giant processes?
>> (I think it's telling that the other 32-bit archs don't disable ASLR
>> in this case...)
>
> IIRC there was some sort of specific breakage with unlimited stack apps - I don't
> remember the exact details.
>
>> > anyway, I don't mind seeing if this will indeed work, with time running out
>> > where 32 bit is going extinct... in a few years we just won't have enough
>> > testing on this kind of change anymore.
>>
>> Sounds good. Ingo, can you pull this in and we can try it for -next?
>
> Ok, we can certainly try. If there's breakage with old distros then we might need
> to put this behind a legacy Kconfig switch.

Okay, sounds good. Thanks!

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security