FS#41260 - [linux] use the more secure upstream default for CONFIG_DEFAULT_MMAP_MIN_ADDR
Attached to Project:
Arch Linux
Opened by Daniel Micay (thestinger) - Saturday, 19 July 2014, 02:28 GMT
Last edited by Tobias Powalowski (tpowa) - Friday, 25 July 2014, 15:12 GMT
Opened by Daniel Micay (thestinger) - Saturday, 19 July 2014, 02:28 GMT
Last edited by Tobias Powalowski (tpowa) - Friday, 25 July 2014, 15:12 GMT
|
Details
The upstream default for this value is 65536 on both i686
and x86_64. Arch is currently using 4096, which doesn't
protect against bugs where an offset from the NULL pointer
is higher than the page size.
|
This task depends upon
% cd linux-3.15
% make defconfig
...
*** Default configuration is based on 'x86_64_defconfig'
#
# configuration written to .config
#
% grep DEFAULT_MMAP_MIN_ADDR .config
CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
The upstream default is 4096, but recommends 65536
Fedora and Ubuntu do use 64k on x86 (among other distributions), along with it being documented by upstream as the recommended choice.