From patchwork Thu Mar 22 16:36:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilya Smith X-Patchwork-Id: 889466 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-snps-arc-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="cCoQzGqC"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="HLlgqaEe"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 406XQ30NXPz9s1B for ; Fri, 23 Mar 2018 03:37:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=SKdnESOKPrrHR/YQGDeh+nOOiBWi4GSQ7wffKiMxNSY=; b=cCoQzGqC5dQx6H vTLGc5VeMf/ZNECfPaEx8AHCbZqvlI1RB/u3fhzBLP6ggfi5ydiXHHsYBk5BjKoYnlKXpe+wISYyT iEp48j0VxrfzLzTxBZNH6+du60W8TcYRhmf6pnlQcTwjKL+iuHmbfUCkBAB4PvXIKMJNSuGtV1iDv TMqcvHm8WCdcyXhJM/YkuP/+XWuZeJ8A2hF/4qt7r98tVy5CRB6yNzco9j1/4SDccTkmPE0qVktn4 lZAqNqxC4RCmZsW07G8VAvDWmL7Uyf5iD4mbiqYiEWxt5efug//il0b6KxuuA/e5A9kxlSl7R0sdv jRhEjdD6RePYOod/TSwA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ez3DF-0007Um-5O; Thu, 22 Mar 2018 16:37:13 +0000 Received: from mail-lf0-x243.google.com ([2a00:1450:4010:c07::243]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1ez3D5-0007QS-F9; Thu, 22 Mar 2018 16:37:10 +0000 Received: by mail-lf0-x243.google.com with SMTP id o102-v6so14105786lfg.8; Thu, 22 Mar 2018 09:36:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=rbeOKq5V9eTRT8u5rfUzAgCdLtD99Cqf+/8TfHALzlA=; b=HLlgqaEeAPActWCgxUsCCJLKj9jG5NUu7s4Vq7Kiiuq5uGfFpNWhfDFxwmAhVjIbzv wUAL0u+htwYgdfPGErQxRE8nttQFT9PTfjxTKFIF81/72KOo2bs0ZFZv4JblZV0mhpaG IBPh74bi1lkLP82mUuLMlEivH3iV1lfTbleX3uEbt2sPAZLQmpI3KP9uJ4HIvIMbPOn1 Ga0T0aPI0bBIkGtVhPG0YNUaik3dhbmPjzQfPw+ItO6459TXv1WsGLZgMKxZu+OGPxV4 a8AMS4KNFA1i8HHPkL6D05yGiurkn6v1akSfuCku2K7A3QbP623Efy70ht/KIdJX370W 5huQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=rbeOKq5V9eTRT8u5rfUzAgCdLtD99Cqf+/8TfHALzlA=; b=fT4atAUCYlLGPon+mUbBMxeHlb70vZPrvAjt3AIyyGDuVE3pe6lPFSs5ll/37+u5gh HE4upsb7jFGv8nfbhvclZy5E54vskIp7QAaLrjHDw9Q5at8Koy94fve/upKuEvVyjEYk tANsEfRg/EK9Zmu7Nj+suC8D4+4uToXBAL7FjE3IOx0HXkUO9opMzX8JJvm4AELSTtP2 XqxPyHgWuv6EDmFvk2YS1zEtwXrKxOxXJn5vFF0+Zg16VG58OZqlX5qc1K061sZJskxp Qgtc5yjYxX63GB8Cw2zFUnfHRV/5+oiMzRMU8a9EDij4zrR7bSfduH6la8WRQD0EOu2f RvhA== X-Gm-Message-State: AElRT7FyCUYIVQS8/ZN9JS+954TmJ1ZCYxuksZdP8cnFzT8Yzb71ICEK N3Z7UpbZ1Vn9zT9Vkom4v9w= X-Google-Smtp-Source: AIpwx494nudMk19aF0byhFwcLpnF6u66xKh6fxV5mTuYViQ5cN1BHb/El+EAFgvRhSo/wmJbdpz97g== X-Received: by 2002:a19:ca41:: with SMTP id h1-v6mr60764lfj.81.1521736612704; Thu, 22 Mar 2018 09:36:52 -0700 (PDT) Received: from crasher.ptsecurity.ru ([31.44.93.25]) by smtp.gmail.com with ESMTPSA id q66sm1016261ljq.75.2018.03.22.09.36.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 22 Mar 2018 09:36:51 -0700 (PDT) From: Ilya Smith To: rth@twiddle.net, ink@jurassic.park.msu.ru, mattst88@gmail.com, vgupta@synopsys.com, linux@armlinux.org.uk, tony.luck@intel.com, fenghua.yu@intel.com, jhogan@kernel.org, ralf@linux-mips.org, jejb@parisc-linux.org, deller@gmx.de, benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, ysato@users.sourceforge.jp, dalias@libc.org, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, nyc@holomorphy.com, viro@zeniv.linux.org.uk, arnd@arndb.de, blackzert@gmail.com, gregkh@linuxfoundation.org, deepa.kernel@gmail.com, mhocko@suse.com, hughd@google.com, kstewart@linuxfoundation.org, pombredanne@nexb.com, akpm@linux-foundation.org, steve.capper@arm.com, punit.agrawal@arm.com, paul.burton@mips.com, aneesh.kumar@linux.vnet.ibm.com, npiggin@gmail.com, keescook@chromium.org, bhsharma@redhat.com, riel@redhat.com, nitin.m.gupta@oracle.com, kirill.shutemov@linux.intel.com, dan.j.williams@intel.com, jack@suse.cz, ross.zwisler@linux.intel.com, jglisse@redhat.com, willy@infradead.org, aarcange@redhat.com, oleg@redhat.com, linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-snps-arc@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org, linux-metag@vger.kernel.org, linux-mips@linux-mips.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-mm@kvack.org Subject: [RFC PATCH v2 1/2] Randomization of address chosen by mmap. Date: Thu, 22 Mar 2018 19:36:37 +0300 Message-Id: <1521736598-12812-2-git-send-email-blackzert@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1521736598-12812-1-git-send-email-blackzert@gmail.com> References: <1521736598-12812-1-git-send-email-blackzert@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180322_093703_598036_788CB5C9 X-CRM114-Status: GOOD ( 18.06 ) X-Spam-Score: -0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2a00:1450:4010:c07:0:0:0:243 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (blackzert[at]gmail.com) 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-snps-arc@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux on Synopsys ARC Processors List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: "linux-snps-arc" Errors-To: linux-snps-arc-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilya Smith --- include/linux/mm.h | 16 ++++-- mm/mmap.c | 164 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 175 insertions(+), 5 deletions(-) diff --git a/include/linux/mm.h b/include/linux/mm.h index ad06d42..c716257 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -25,6 +25,7 @@ #include #include #include +#include struct mempolicy; struct anon_vma; @@ -2253,6 +2254,13 @@ struct vm_unmapped_area_info { unsigned long align_offset; }; +#ifndef CONFIG_MMU +#define randomize_va_space 0 +#else +extern int randomize_va_space; +#endif + +extern unsigned long unmapped_area_random(struct vm_unmapped_area_info *info); extern unsigned long unmapped_area(struct vm_unmapped_area_info *info); extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); @@ -2268,6 +2276,9 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); static inline unsigned long vm_unmapped_area(struct vm_unmapped_area_info *info) { + /* How about 32 bit process?? */ + if ((current->flags & PF_RANDOMIZE) && randomize_va_space > 3) + return unmapped_area_random(info); if (info->flags & VM_UNMAPPED_AREA_TOPDOWN) return unmapped_area_topdown(info); else @@ -2529,11 +2540,6 @@ int drop_caches_sysctl_handler(struct ctl_table *, int, void drop_slab(void); void drop_slab_node(int nid); -#ifndef CONFIG_MMU -#define randomize_va_space 0 -#else -extern int randomize_va_space; -#endif const char * arch_vma_name(struct vm_area_struct *vma); void print_vma_addr(char *prefix, unsigned long rip); diff --git a/mm/mmap.c b/mm/mmap.c index 9efdc021..ba9cebb 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -45,6 +45,7 @@ #include #include #include +#include #include #include @@ -1780,6 +1781,169 @@ unsigned long mmap_region(struct file *file, unsigned long addr, return error; } +unsigned long unmapped_area_random(struct vm_unmapped_area_info *info) +{ + struct mm_struct *mm = current->mm; + struct vm_area_struct *vma = NULL; + struct vm_area_struct *visited_vma = NULL; + unsigned long entropy[2]; + unsigned long length, low_limit, high_limit, gap_start, gap_end; + unsigned long addr = 0; + + /* get entropy with prng */ + prandom_bytes(&entropy, sizeof(entropy)); + /* small hack to prevent EPERM result */ + info->low_limit = max(info->low_limit, mmap_min_addr); + + /* Adjust search length to account for worst case alignment overhead */ + length = info->length + info->align_mask; + if (length < info->length) + return -ENOMEM; + + /* + * Adjust search limits by the desired length. + * See implementation comment at top of unmapped_area(). + */ + gap_end = info->high_limit; + if (gap_end < length) + return -ENOMEM; + high_limit = gap_end - length; + + low_limit = info->low_limit + info->align_mask; + if (low_limit >= high_limit) + return -ENOMEM; + + /* Choose random addr in limit range */ + addr = entropy[0] % ((high_limit - low_limit) >> PAGE_SHIFT); + addr = low_limit + (addr << PAGE_SHIFT); + addr += (info->align_offset - addr) & info->align_mask; + + /* Check if rbtree root looks promising */ + if (RB_EMPTY_ROOT(&mm->mm_rb)) + return -ENOMEM; + + vma = rb_entry(mm->mm_rb.rb_node, struct vm_area_struct, vm_rb); + if (vma->rb_subtree_gap < length) + return -ENOMEM; + /* use randomly chosen address to find closest suitable gap */ + while (true) { + gap_start = vma->vm_prev ? vm_end_gap(vma->vm_prev) : 0; + gap_end = vm_start_gap(vma); + if (gap_end < low_limit) + break; + if (addr < vm_start_gap(vma)) { + /* random said check left */ + if (vma->vm_rb.rb_left) { + struct vm_area_struct *left = + rb_entry(vma->vm_rb.rb_left, + struct vm_area_struct, vm_rb); + if (addr <= vm_start_gap(left) && + left->rb_subtree_gap >= length) { + vma = left; + continue; + } + } + } else if (addr >= vm_end_gap(vma)) { + /* random said check right */ + if (vma->vm_rb.rb_right) { + struct vm_area_struct *right = + rb_entry(vma->vm_rb.rb_right, + struct vm_area_struct, vm_rb); + /* it want go to the right */ + if (right->rb_subtree_gap >= length) { + vma = right; + continue; + } + } + } + if (gap_start < low_limit) { + if (gap_end <= low_limit) + break; + gap_start = low_limit; + } else if (gap_end > info->high_limit) { + if (gap_start >= info->high_limit) + break; + gap_end = info->high_limit; + } + if (gap_end > gap_start && + gap_end - gap_start >= length) + goto found; + visited_vma = vma; + break; + } + /* not found */ + while (true) { + gap_start = vma->vm_prev ? vm_end_gap(vma->vm_prev) : 0; + + if (gap_start <= high_limit && vma->vm_rb.rb_right) { + struct vm_area_struct *right = + rb_entry(vma->vm_rb.rb_right, + struct vm_area_struct, vm_rb); + if (right->rb_subtree_gap >= length && + right != visited_vma) { + vma = right; + continue; + } + } + +check_current: + /* Check if current node has a suitable gap */ + gap_end = vm_start_gap(vma); + if (gap_end <= low_limit) + goto go_back; + + if (gap_start < low_limit) + gap_start = low_limit; + + if (gap_start <= high_limit && + gap_end > gap_start && gap_end - gap_start >= length) + goto found; + + /* Visit left subtree if it looks promising */ + if (vma->vm_rb.rb_left) { + struct vm_area_struct *left = + rb_entry(vma->vm_rb.rb_left, + struct vm_area_struct, vm_rb); + if (left->rb_subtree_gap >= length && + vm_end_gap(left) > low_limit && + left != visited_vma) { + vma = left; + continue; + } + } +go_back: + /* Go back up the rbtree to find next candidate node */ + while (true) { + struct rb_node *prev = &vma->vm_rb; + + if (!rb_parent(prev)) + return -ENOMEM; + visited_vma = vma; + vma = rb_entry(rb_parent(prev), + struct vm_area_struct, vm_rb); + if (prev == vma->vm_rb.rb_right) { + gap_start = vma->vm_prev ? + vm_end_gap(vma->vm_prev) : low_limit; + goto check_current; + } + } + } +found: + /* We found a suitable gap. Clip it with the original high_limit. */ + if (gap_end > info->high_limit) + gap_end = info->high_limit; + gap_end -= info->length; + gap_end -= (gap_end - info->align_offset) & info->align_mask; + /* only one suitable page */ + if (gap_end == gap_start) + return gap_start; + addr = entropy[1] % (min((gap_end - gap_start) >> PAGE_SHIFT, + 0x10000UL)); + addr = gap_end - (addr << PAGE_SHIFT); + addr += (info->align_offset - addr) & info->align_mask; + return addr; +} + unsigned long unmapped_area(struct vm_unmapped_area_info *info) { /* From patchwork Thu Mar 22 16:36:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilya Smith X-Patchwork-Id: 889468 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-snps-arc-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="NJ+LxqJQ"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="h1u01+Bb"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 406XQ31bVPz9s1X for ; Fri, 23 Mar 2018 03:37:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=uwX5ege05AG4CQ9MrJxWmkfXoupn41tu3awh9p1875A=; b=NJ+LxqJQp1h+3h lG82SY3EsbPi5c6dOFju48k1v6QdSOuWS7/S9DB0eqbK+DKt5WdY7AggP6qLo7dzlg2msrk1S5Z1G TIfqt2Tp+hyzmdl++YLOfOB/cGIncs/6UzvpOAMLk4bN4D1/qlEym5MzHkcz82XPg/qAWYR3EZGIO 6cICXfo7lMpPeZIs9giQgfAJglcEAJB+ohJFGYPCUT2Br171QZzsb0YnykVOWFdAyrFWDxlfw+Ck3 RZk8TSdxLQDXiV5L82OZ70IpxshdffTYDzc5C/xPbKEjpZhv96Wa+BcmPa+1okP3dyCyE9ofgumpg YKOu18cABS15kv7gWB7Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ez3DF-0007Uq-AO; Thu, 22 Mar 2018 16:37:13 +0000 Received: from mail-lf0-x242.google.com ([2a00:1450:4010:c07::242]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1ez3D9-0007QZ-Jf; Thu, 22 Mar 2018 16:37:10 +0000 Received: by mail-lf0-x242.google.com with SMTP id l4-v6so9790413lfg.12; Thu, 22 Mar 2018 09:36:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=TJxRecHNFs3nmAw3aBotwnp/kPcYVxq9wVj7Mf8ZHKw=; b=h1u01+BbPLauWniMhfezBsPSl/2y2obwKs6F0u3Gi5Cllhir2lgbXieTPReF4w9x4/ k7kl5Ryrm4/d2yswIUDKhIFUc3EJ2Z2nuxISbSuHLIa0Bos+czfrXxnyNeFARCHV2hj9 NiC2wZEFHH3+jyVM6DjVp20OpkbR8kRC/tekE8biN9WuCjpPpvRpu7+iVar+tCaWBlLN mwE9N62UF0N7g52KvGc96Wx0suqVsG8oMrfIWr6f4sIgpupHgEmUBko7eOMtJs12ZKyb iBreNMyK8WBzuxdXsWXE8o3qGav4OykvWcPGCNkAPdXjdCj+S7ufxBe1aoA/BWIg3xOD vL6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=TJxRecHNFs3nmAw3aBotwnp/kPcYVxq9wVj7Mf8ZHKw=; b=Rba0Vrr7SUA3GrBfK4vSTyhPZc6qKTzxYUnQmr1gFZaWQR7/RW7UmIcPhe3OdNMisL /UN8lRCzByqn9XMQeAp/hcIgVVXu/6i1oXg/gTl1j0//rvgaIAQVG6VdyS328h0S7T8V +YwcE07x+0Oi2BPYdaDCnv4MB+bFKzvE7OvtmIeC10EPA2kxSJZU3Wet9FXGf9XVEiSB L4Av1c+8SetEXPmTnq6L5AkrdSF4EUpms+LjWzMnL6+JKyRyLSIWLtDTxk1K4u4sBnY2 gyMZiIwlebYp6ENepMWfTR6TBLuLDTfRGkvtB/ODuuuL4j+kzUz+mfbLnVSysRkF/sMP KYWg== X-Gm-Message-State: AElRT7FaT6V3YG3wJH/CNsj9GMo/fdKSACfw2pQlSHLuLM2gRKc3DmZn qxZjpUax1tI/7nMKLKwSb6Q= X-Google-Smtp-Source: AG47ELvNOG9PT+pQp9FtItM7KOqORizxFQ0vqAkedCa+HLq7LUL915BY01VxlS8Lly357PpM1JRZ4g== X-Received: by 2002:a19:2c85:: with SMTP id s127-v6mr15467642lfs.18.1521736614799; Thu, 22 Mar 2018 09:36:54 -0700 (PDT) Received: from crasher.ptsecurity.ru ([31.44.93.25]) by smtp.gmail.com with ESMTPSA id q66sm1016261ljq.75.2018.03.22.09.36.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 22 Mar 2018 09:36:53 -0700 (PDT) From: Ilya Smith To: rth@twiddle.net, ink@jurassic.park.msu.ru, mattst88@gmail.com, vgupta@synopsys.com, linux@armlinux.org.uk, tony.luck@intel.com, fenghua.yu@intel.com, jhogan@kernel.org, ralf@linux-mips.org, jejb@parisc-linux.org, deller@gmx.de, benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, ysato@users.sourceforge.jp, dalias@libc.org, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, nyc@holomorphy.com, viro@zeniv.linux.org.uk, arnd@arndb.de, blackzert@gmail.com, gregkh@linuxfoundation.org, deepa.kernel@gmail.com, mhocko@suse.com, hughd@google.com, kstewart@linuxfoundation.org, pombredanne@nexb.com, akpm@linux-foundation.org, steve.capper@arm.com, punit.agrawal@arm.com, paul.burton@mips.com, aneesh.kumar@linux.vnet.ibm.com, npiggin@gmail.com, keescook@chromium.org, bhsharma@redhat.com, riel@redhat.com, nitin.m.gupta@oracle.com, kirill.shutemov@linux.intel.com, dan.j.williams@intel.com, jack@suse.cz, ross.zwisler@linux.intel.com, jglisse@redhat.com, willy@infradead.org, aarcange@redhat.com, oleg@redhat.com, linux-alpha@vger.kernel.org, linux-kernel@vger.kernel.org, linux-snps-arc@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-ia64@vger.kernel.org, linux-metag@vger.kernel.org, linux-mips@linux-mips.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-mm@kvack.org Subject: [RFC PATCH v2 2/2] Architecture defined limit on memory region random shift. Date: Thu, 22 Mar 2018 19:36:38 +0300 Message-Id: <1521736598-12812-3-git-send-email-blackzert@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1521736598-12812-1-git-send-email-blackzert@gmail.com> References: <1521736598-12812-1-git-send-email-blackzert@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180322_093707_820503_45E4BFEF X-CRM114-Status: GOOD ( 11.59 ) X-Spam-Score: -0.8 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-0.8 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:4010:c07:0:0:0:242 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (blackzert[at]gmail.com) 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-snps-arc@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Linux on Synopsys ARC Processors List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: "linux-snps-arc" Errors-To: linux-snps-arc-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilya Smith --- arch/alpha/kernel/osf_sys.c | 1 + arch/arc/mm/mmap.c | 1 + arch/arm/mm/mmap.c | 2 ++ arch/frv/mm/elf-fdpic.c | 1 + arch/ia64/kernel/sys_ia64.c | 1 + arch/ia64/mm/hugetlbpage.c | 1 + arch/metag/mm/hugetlbpage.c | 1 + arch/mips/mm/mmap.c | 1 + arch/parisc/kernel/sys_parisc.c | 2 ++ arch/powerpc/mm/hugetlbpage-radix.c | 1 + arch/powerpc/mm/mmap.c | 2 ++ arch/powerpc/mm/slice.c | 2 ++ arch/s390/mm/mmap.c | 2 ++ arch/sh/mm/mmap.c | 2 ++ arch/sparc/kernel/sys_sparc_32.c | 1 + arch/sparc/kernel/sys_sparc_64.c | 2 ++ arch/sparc/mm/hugetlbpage.c | 2 ++ arch/tile/mm/hugetlbpage.c | 2 ++ arch/x86/kernel/sys_x86_64.c | 4 ++++ arch/x86/mm/hugetlbpage.c | 4 ++++ fs/hugetlbfs/inode.c | 1 + include/linux/mm.h | 1 + mm/mmap.c | 3 ++- 23 files changed, 39 insertions(+), 1 deletion(-) diff --git a/arch/alpha/kernel/osf_sys.c b/arch/alpha/kernel/osf_sys.c index fa1a392..0ab9f31 100644 --- a/arch/alpha/kernel/osf_sys.c +++ b/arch/alpha/kernel/osf_sys.c @@ -1301,6 +1301,7 @@ arch_get_unmapped_area_1(unsigned long addr, unsigned long len, info.high_limit = limit; info.align_mask = 0; info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/arc/mm/mmap.c b/arch/arc/mm/mmap.c index 2e13683..45225fc 100644 --- a/arch/arc/mm/mmap.c +++ b/arch/arc/mm/mmap.c @@ -75,5 +75,6 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = TASK_SIZE; info.align_mask = do_align ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c index eb1de66..1eb660c 100644 --- a/arch/arm/mm/mmap.c +++ b/arch/arm/mm/mmap.c @@ -101,6 +101,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = TASK_SIZE; info.align_mask = do_align ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; return vm_unmapped_area(&info); } @@ -152,6 +153,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = do_align ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; addr = vm_unmapped_area(&info); /* diff --git a/arch/frv/mm/elf-fdpic.c b/arch/frv/mm/elf-fdpic.c index 46aa289..a2ce2ce 100644 --- a/arch/frv/mm/elf-fdpic.c +++ b/arch/frv/mm/elf-fdpic.c @@ -86,6 +86,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, unsi info.high_limit = (current->mm->start_stack - 0x00200000); info.align_mask = 0; info.align_offset = 0; + info.random_shift = 0; addr = vm_unmapped_area(&info); if (!(addr & ~PAGE_MASK)) goto success; diff --git a/arch/ia64/kernel/sys_ia64.c b/arch/ia64/kernel/sys_ia64.c index 085adfc..15fa4fb 100644 --- a/arch/ia64/kernel/sys_ia64.c +++ b/arch/ia64/kernel/sys_ia64.c @@ -64,6 +64,7 @@ arch_get_unmapped_area (struct file *filp, unsigned long addr, unsigned long len info.high_limit = TASK_SIZE; info.align_mask = align_mask; info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/ia64/mm/hugetlbpage.c b/arch/ia64/mm/hugetlbpage.c index d16e419..ec7822d 100644 --- a/arch/ia64/mm/hugetlbpage.c +++ b/arch/ia64/mm/hugetlbpage.c @@ -162,6 +162,7 @@ unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr, u info.high_limit = HPAGE_REGION_BASE + RGN_MAP_LIMIT; info.align_mask = PAGE_MASK & (HPAGE_SIZE - 1); info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/metag/mm/hugetlbpage.c b/arch/metag/mm/hugetlbpage.c index 012ee4c..babd325 100644 --- a/arch/metag/mm/hugetlbpage.c +++ b/arch/metag/mm/hugetlbpage.c @@ -191,6 +191,7 @@ hugetlb_get_unmapped_area_new_pmd(unsigned long len) info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & HUGEPT_MASK; info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c index 33d3251..5a3d384 100644 --- a/arch/mips/mm/mmap.c +++ b/arch/mips/mm/mmap.c @@ -122,6 +122,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, info.flags = 0; info.low_limit = mm->mmap_base; info.high_limit = TASK_SIZE; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c index 378a754..abf4b05 100644 --- a/arch/parisc/kernel/sys_parisc.c +++ b/arch/parisc/kernel/sys_parisc.c @@ -130,6 +130,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = mmap_upper_limit(); info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; info.align_offset = shared_align_offset(last_mmap, pgoff); + info.random_shift = 0; addr = vm_unmapped_area(&info); found_addr: @@ -192,6 +193,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; info.align_offset = shared_align_offset(last_mmap, pgoff); + info.random_shift = 0; addr = vm_unmapped_area(&info); if (!(addr & ~PAGE_MASK)) goto found_addr; diff --git a/arch/powerpc/mm/hugetlbpage-radix.c b/arch/powerpc/mm/hugetlbpage-radix.c index 2486bee..1d61a88 100644 --- a/arch/powerpc/mm/hugetlbpage-radix.c +++ b/arch/powerpc/mm/hugetlbpage-radix.c @@ -87,6 +87,7 @@ radix__hugetlb_get_unmapped_area(struct file *file, unsigned long addr, info.high_limit = mm->mmap_base + (high_limit - DEFAULT_MAP_WINDOW); info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/powerpc/mm/mmap.c b/arch/powerpc/mm/mmap.c index d503f34..7fe98c7 100644 --- a/arch/powerpc/mm/mmap.c +++ b/arch/powerpc/mm/mmap.c @@ -136,6 +136,7 @@ radix__arch_get_unmapped_area(struct file *filp, unsigned long addr, info.low_limit = mm->mmap_base; info.high_limit = high_limit; info.align_mask = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } @@ -180,6 +181,7 @@ radix__arch_get_unmapped_area_topdown(struct file *filp, info.low_limit = max(PAGE_SIZE, mmap_min_addr); info.high_limit = mm->mmap_base + (high_limit - DEFAULT_MAP_WINDOW); info.align_mask = 0; + info.random_shift = 0; addr = vm_unmapped_area(&info); if (!(addr & ~PAGE_MASK)) diff --git a/arch/powerpc/mm/slice.c b/arch/powerpc/mm/slice.c index 23ec2c5..2005845 100644 --- a/arch/powerpc/mm/slice.c +++ b/arch/powerpc/mm/slice.c @@ -284,6 +284,7 @@ static unsigned long slice_find_area_bottomup(struct mm_struct *mm, info.length = len; info.align_mask = PAGE_MASK & ((1ul << pshift) - 1); info.align_offset = 0; + info.random_shift = 0; addr = TASK_UNMAPPED_BASE; /* @@ -330,6 +331,7 @@ static unsigned long slice_find_area_topdown(struct mm_struct *mm, info.length = len; info.align_mask = PAGE_MASK & ((1ul << pshift) - 1); info.align_offset = 0; + info.random_shift = 0; addr = mm->mmap_base; /* diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c index 831bdcf..141823f 100644 --- a/arch/s390/mm/mmap.c +++ b/arch/s390/mm/mmap.c @@ -95,6 +95,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.length = len; info.low_limit = mm->mmap_base; info.high_limit = TASK_SIZE; + info.random_shift = 0; if (filp || (flags & MAP_SHARED)) info.align_mask = MMAP_ALIGN_MASK << PAGE_SHIFT; else @@ -146,6 +147,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.length = len; info.low_limit = max(PAGE_SIZE, mmap_min_addr); info.high_limit = mm->mmap_base; + info.random_shift = 0; if (filp || (flags & MAP_SHARED)) info.align_mask = MMAP_ALIGN_MASK << PAGE_SHIFT; else diff --git a/arch/sh/mm/mmap.c b/arch/sh/mm/mmap.c index 6a1a129..d9206c2 100644 --- a/arch/sh/mm/mmap.c +++ b/arch/sh/mm/mmap.c @@ -74,6 +74,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = TASK_SIZE; info.align_mask = do_colour_align ? (PAGE_MASK & shm_align_mask) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; return vm_unmapped_area(&info); } @@ -124,6 +125,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = do_colour_align ? (PAGE_MASK & shm_align_mask) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; addr = vm_unmapped_area(&info); /* diff --git a/arch/sparc/kernel/sys_sparc_32.c b/arch/sparc/kernel/sys_sparc_32.c index 990703b7..af664ba3 100644 --- a/arch/sparc/kernel/sys_sparc_32.c +++ b/arch/sparc/kernel/sys_sparc_32.c @@ -66,6 +66,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, unsi info.align_mask = (flags & MAP_SHARED) ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; return vm_unmapped_area(&info); } diff --git a/arch/sparc/kernel/sys_sparc_64.c b/arch/sparc/kernel/sys_sparc_64.c index 55416db..3d12e3d 100644 --- a/arch/sparc/kernel/sys_sparc_64.c +++ b/arch/sparc/kernel/sys_sparc_64.c @@ -131,6 +131,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, unsi info.high_limit = min(task_size, VA_EXCLUDE_START); info.align_mask = do_color_align ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; addr = vm_unmapped_area(&info); if ((addr & ~PAGE_MASK) && task_size > VA_EXCLUDE_END) { @@ -194,6 +195,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = do_color_align ? (PAGE_MASK & (SHMLBA - 1)) : 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = 0; addr = vm_unmapped_area(&info); /* diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c index 0112d69..6d0c032 100644 --- a/arch/sparc/mm/hugetlbpage.c +++ b/arch/sparc/mm/hugetlbpage.c @@ -43,6 +43,7 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, info.high_limit = min(task_size, VA_EXCLUDE_START); info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; addr = vm_unmapped_area(&info); if ((addr & ~PAGE_MASK) && task_size > VA_EXCLUDE_END) { @@ -75,6 +76,7 @@ hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; addr = vm_unmapped_area(&info); /* diff --git a/arch/tile/mm/hugetlbpage.c b/arch/tile/mm/hugetlbpage.c index 0986d42..2b3a9b6 100644 --- a/arch/tile/mm/hugetlbpage.c +++ b/arch/tile/mm/hugetlbpage.c @@ -176,6 +176,7 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } @@ -193,6 +194,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, info.high_limit = current->mm->mmap_base; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; addr = vm_unmapped_area(&info); /* diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c index 676774b..0eda047 100644 --- a/arch/x86/kernel/sys_x86_64.c +++ b/arch/x86/kernel/sys_x86_64.c @@ -163,6 +163,8 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = end; info.align_mask = 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = in_compat_syscall() ? + 256 : 0x1000000; if (filp) { info.align_mask = get_align_mask(); info.align_offset += get_align_bits(); @@ -224,6 +226,8 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.align_mask = 0; info.align_offset = pgoff << PAGE_SHIFT; + info.random_shift = in_compat_syscall() ? + 256 : 0x1000000; if (filp) { info.align_mask = get_align_mask(); info.align_offset += get_align_bits(); diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c index 00b2966..f4f6436 100644 --- a/arch/x86/mm/hugetlbpage.c +++ b/arch/x86/mm/hugetlbpage.c @@ -97,6 +97,8 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = in_compat_syscall() ? + 256 : 0x1000000; return vm_unmapped_area(&info); } @@ -121,6 +123,8 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = in_compat_syscall() ? + 256 : 0x1000000; addr = vm_unmapped_area(&info); /* diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index 8fe1b0a..83e962e 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -200,6 +200,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } #endif diff --git a/include/linux/mm.h b/include/linux/mm.h index c716257..f869e6d 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2252,6 +2252,7 @@ struct vm_unmapped_area_info { unsigned long high_limit; unsigned long align_mask; unsigned long align_offset; + unsigned long random_shift; }; #ifndef CONFIG_MMU diff --git a/mm/mmap.c b/mm/mmap.c index ba9cebb..425fa09 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1938,7 +1938,7 @@ unsigned long unmapped_area_random(struct vm_unmapped_area_info *info) if (gap_end == gap_start) return gap_start; addr = entropy[1] % (min((gap_end - gap_start) >> PAGE_SHIFT, - 0x10000UL)); + info->random_shift)); addr = gap_end - (addr << PAGE_SHIFT); addr += (info->align_offset - addr) & info->align_mask; return addr; @@ -2186,6 +2186,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.low_limit = mm->mmap_base; info.high_limit = TASK_SIZE; info.align_mask = 0; + info.random_shift = 0; return vm_unmapped_area(&info); } #endif