[kernel-hardening] [PATCH v2 1/1] powerpc: mm: support ARCH_MMAP_RND_BITS

[Bhupesh Sharma]

Hi Michael,

On Tue, Feb 7, 2017 at 7:57 AM, Michael Ellerman <mpe at ellerman.id.au> wrote:
> Bhupesh Sharma <bhsharma at redhat.com> writes:
>
>> powerpc: arch_mmap_rnd() uses hard-coded values, (23-PAGE_SHIFT) for
>> 32-bit and (30-PAGE_SHIFT) for 64-bit, to generate the random offset
>> for the mmap base address.
>>
>> This value represents a compromise between increased
>> ASLR effectiveness and avoiding address-space fragmentation.
>> Replace it with a Kconfig option, which is sensibly bounded, so that
>> platform developers may choose where to place this compromise.
>> Keep default values as new minimums.
>>
>> This patch makes sure that now powerpc mmap arch_mmap_rnd() approach
>> is similar to other ARCHs like x86, arm64 and arm.
>>
>> Cc: Alexander Graf <agraf at suse.com>
>> Cc: Benjamin Herrenschmidt <benh at kernel.crashing.org>
>> Cc: Paul Mackerras <paulus at samba.org>
>> Cc: Michael Ellerman <mpe at ellerman.id.au>
>> Cc: Anatolij Gustschin <agust at denx.de>
>> Cc: Alistair Popple <alistair at popple.id.au>
>> Cc: Matt Porter <mporter at kernel.crashing.org>
>> Cc: Vitaly Bordug <vitb at kernel.crashing.org>
>> Cc: Scott Wood <oss at buserror.net>
>> Cc: Kumar Gala <galak at kernel.crashing.org>
>> Cc: Daniel Cashman <dcashman at android.com>
>> Signed-off-by: Bhupesh Sharma <bhsharma at redhat.com>
>> Reviewed-by: Kees Cook <keescook at chromium.org>
>> ---
>> Changes since v1:
>> v1 can be seen here (https://lists.ozlabs.org/pipermail/linuxppc-dev/2017-February/153594.html)
>>     - No functional change in this patch.
>>     - Added R-B from Kees.
>>     - Dropped PATCH 2/2 from v1 as recommended by Kees Cook.
>
> Thanks for v2.
>
> But I replied to your v1 with some comments, did you see them?
>

I have replied to your comments on the original thread.
Please share your views and if possible share your test results on the
PPC setups you might have at your end.

Thanks,
Bhupesh