Google luky.org euqset.org
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch 0/6 virtual address space randomisation



Yeah, if it came from PaX the randomization would actually be useful.
Sorry, I've just woken up and already explained in another post.


Please, no hard feelings.

Speaking about implementation of the non executable pages semantics on IA32, PaX and Exec-Shield are very different (well not that much since 2.6 in fact because PAGEEXEC is now "segmentation when I can").
But when it comes to ASLR it's pretty much the same thing.

The only difference may be the (very small) randomization of the brk() managed heap on ET_EXEC (which is probably the more "hackish" feature of PaX ASLR) but it seems that Arjan is even going to propose a patch for that (Is this in ES too ?).

I think it's a great opportunity here to get the same basis for ASLR in PaX and ES merged into the vanilla kernel.
If it's only a matter of changing the number of randomized bits in an additional PaX patch, it's no problem! It's more important to have a correct basis, focus on that.

--
Julien TINNES - & france telecom - R&D Division/MAPS/NSS
Research Engineer - Internet/Intranet Security
GPG: C050 EF1A 2919 FD87 57C4 DEDD E778 A9F0 14B9 C7D6
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

$B$3$N>pJs$,$"$J$?$NC5$7$F$$?$b$N$+$I$&$+A*Br$7$F$/$@$5$!#(B
yes/$B$^$5$K$3$l$@!*(B   no/$B0c$&$J$!(B   part/$B0lIt8+$D$+$C$?(B   try/$B$3$l$G;n$7$F$_$k(B
$B$"$J$?$,C5$7$F$$?>pJs$O$I$N$h$&$J$3$H$+!"$4<+M3$K5-F~2<$5$!#FC$K!V$^$5$K$3$l$@!*!W$H8@$&>l9g$O5-F~$r$*4j$$7$^$9!#(B
$BNc(B:$B!VJ#?t$N%^%7%s$+$i(BCATV$B7PM3$G(Bipmasquerade$B$rMxMQ$7$F(BWeb$B$r;2>H$7$?$>l9g$N@_Dj$K$D$$F!W(B
Follow-Ups: References: