brk randomization: introduce CONFIG_COMPAT_BRK (32a93233) · Commits · 戴 / test

fs/binfmt_elf.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1077,7 +1077,7 @@ static int load_elf_binary(struct linux_binprm bprm, struct pt_regs regs)
		current->mm->start_stack = bprm->p;

		#ifdef arch_randomize_brk
		if (current->flags & PF_RANDOMIZE)
		if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1))
		current->mm->brk = current->mm->start_brk =
		arch_randomize_brk(current->mm);
		#endif

+12 −0

Original line number	Diff line number	Diff line
		@@ -541,6 +541,18 @@ config ELF_CORE
		help
		Enable support for generating core dumps. Disabling saves about 4k.

		config COMPAT_BRK
		bool "Disable heap randomization"
		default y
		help
		Randomizing heap placement makes heap exploits harder, but it
		also breaks ancient binaries (including anything libc5 based).
		This option changes the bootup default to heap randomization
		disabled, and can be overriden runtime by setting
		/proc/sys/kernel/randomize_va_space to 2.

		On non-ancient distros (post-2000 ones) Y is usually a safe choice.

		config BASE_FULL
		default y
		bool "Enable full-sized data structures for core" if EMBEDDED

+12 −1

Original line number	Diff line number	Diff line
		@@ -82,7 +82,18 @@ void * high_memory;
		EXPORT_SYMBOL(num_physpages);
		EXPORT_SYMBOL(high_memory);

		int randomize_va_space __read_mostly = 1;
		/*
		* Randomize the address space (stacks, mmaps, brk, etc.).
		*
		* ( When CONFIG_COMPAT_BRK=y we exclude brk from randomization,
		* as ancient (libc5 based) binaries can segfault. )
		*/
		int randomize_va_space __read_mostly =
		#ifdef CONFIG_COMPAT_BRK
		1;
		#else
		2;
		#endif

		static int __init disable_randmaps(char *s)
		{