X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 62918
X-Patchwork-Delegate: leann.ogasawara@canonical.com
Date: Sat, 28 Aug 2010 08:50:43 -0700
From: Kees Cook
To: Bryan Wu
Cc: kernel-team@lists.ubuntu.com
Subject: Re: [maverick] ARM security cherry-picks
Message-ID: <20100828155043.GL4703@outflux.net>

Hi Bryan,

On Sat, Aug 28, 2010 at 10:08:28AM +0800, Bryan Wu wrote:
> http://git.linaro.org/gitweb?p=linux/arm_next.git;a=commitdiff;h=f13b5666dfe3240bf2218f0ca30e5ea2b4a1c50d
> Is this URL still alive? I cannot access it, so I'm not sure whether
> we need to apply this one.

This works for me. It is:

From: Nicolas Pitre
Date: Fri, 20 Aug 2010 20:16:03 +0000 (-0400)
Subject: ARM: fix ASLR of PIE executables
X-Git-Url: http://git.linaro.org/gitweb?p=linux%2Farm_next.git;a=commitdiff_plain;h=f13b5666dfe3240bf2218f0ca30e5ea2b4a1c50d

ARM: fix ASLR of PIE executables

Since commits 990cb8acf2 and cc92c28b2d, it is possible to have full
address space layout randomization (ASLR) on ARM. Except that one small
change was missing for ASLR of PIE executables.

Signed-off-by: Nicolas Pitre

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 535e763..6884e19 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c 
@@ -800,7 +800,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) * default mmap base, as well as whatever program they * might try to exec. This is because the brk will * follow the loader, and is not movable. */ -#ifdef CONFIG_X86 +#if defined(CONFIG_X86) || defined(CONFIG_ARM) load_bias = 0; #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
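
Review bot: The changed conditional, "#if defined(CONFIG_X86) || defined(CONFIG_ARM)", turns a single-architecture test into a growing list, and the comment above it gives no criterion for which architectures should take the "load_bias = 0" branch, so the next architecture to gain ASLR support needs the same edit in this spot. Consider adding a sentence to that comment stating the criterion, or replacing the list with one config symbol that qualifying architectures select. For the cherry-pick itself, the commit message ties this change to commits 990cb8acf2 and cc92c28b2d, so confirm both are present in the target tree before applying; once ARM takes the first branch, the ELF_ET_DYN_BASE placement in the #else branch no longer applies to it.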