| Message ID | 20190401050613.GA16287@avx2 (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Bump vm.mmap_min_addr on 64-bit | expand |
On Mon, 1 Apr 2019 08:06:13 +0300 Alexey Dobriyan <adobriyan@gmail.com> wrote: > No self respecting 64-bit program should ever touch that lowly 32-bit > part of address space. > > ... > > --- a/mm/Kconfig > +++ b/mm/Kconfig > @@ -306,7 +306,8 @@ config KSM > config DEFAULT_MMAP_MIN_ADDR > int "Low address space to protect from user allocation" > depends on MMU > - default 4096 > + default 4096 if !64BIT > + default 4294967296 if 64BIT > help > This is the portion of low virtual memory which should be protected > from userspace allocation. Keeping a user from writing to low pages > --- a/security/Kconfig > +++ b/security/Kconfig > @@ -129,7 +129,8 @@ config LSM_MMAP_MIN_ADDR > int "Low address space for LSM to protect from user allocation" > depends on SECURITY && SECURITY_SELINUX > default 32768 if ARM || (ARM64 && COMPAT) > - default 65536 > + default 65536 if !64BIT > + default 4294967296 if 64BIT > help > This is the portion of low virtual memory which should be protected > from userspace allocation. Keeping a user from writing to low pages Gee. Do we have any idea what effect this will have upon all userspace programs, some of which do inexplicably weird things? What's the benefit?
On Mon, Apr 01, 2019 at 04:05:59PM -0700, Andrew Morton wrote: > On Mon, 1 Apr 2019 08:06:13 +0300 Alexey Dobriyan <adobriyan@gmail.com> wrote: > > > No self respecting 64-bit program should ever touch that lowly 32-bit > > part of address space. > Gee. Do we have any idea what effect this will have upon all userspace > programs, some of which do inexplicably weird things? > > What's the benefit? Note the date :^)
--- a/mm/Kconfig +++ b/mm/Kconfig @@ -306,7 +306,8 @@ config KSM config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" depends on MMU - default 4096 + default 4096 if !64BIT + default 4294967296 if 64BIT help This is the portion of low virtual memory which should be protected from userspace allocation. Keeping a user from writing to low pages --- a/security/Kconfig +++ b/security/Kconfig @@ -129,7 +129,8 @@ config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX default 32768 if ARM || (ARM64 && COMPAT) - default 65536 + default 65536 if !64BIT + default 4294967296 if 64BIT help This is the portion of low virtual memory which should be protected from userspace allocation. Keeping a user from writing to low pages
No self respecting 64-bit program should ever touch that lowly 32-bit part of address space. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> --- mm/Kconfig | 3 ++- security/Kconfig | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-)