Re: [kernel-hardening] [PATCH] [RFC] Introduce mmap randomization
From: Daniel Micay
Date: Thu Aug 04 2016 - 13:05:08 EST
On Tue, 2016-07-26 at 11:22 -0700, william.c.roberts@xxxxxxxxx wrote:
> The recent get_random_long() change in get_random_range() and then the
> subsequent patches Jason put out, all stemmed from my tinkering
> with the concept of randomizing mmap.
>
> Any feedback would be greatly appreciated, including any feedback
> indicating that I am idiot.
The RAND_THREADSTACK feature in grsecurity makes the gaps the way I
think would be ideal, i.e. tracked as part of the appropriate VMA. It
would be straightforward to make it more general purpose.Attachment:
signature.asc
Description: This is a digitally signed message part