FS#41260 - [linux] use the more secure upstream default for CONFIG_DEFAULT_MMAP_MIN_ADDR

Attached to Project: Arch Linux
Opened by Daniel Micay (thestinger) - Saturday, 19 July 2014, 02:28 GMT
Last edited by Tobias Powalowski (tpowa) - Friday, 25 July 2014, 15:12 GMT
Task Type Feature Request
Category Security
Status Closed
Assigned To Tobias Powalowski (tpowa)
Thomas Bächler (brain0)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 3
Private No

Details

The upstream default for this value is 65536 on both i686 and x86_64. Arch is currently using 4096, which doesn't protect against bugs where an offset from the NULL pointer is higher than the page size.

Closed by  Tobias Powalowski (tpowa)
Friday, 25 July 2014, 15:12 GMT
Reason for closing:  Fixed
Comment by Daniel Micay (thestinger) - Saturday, 19 July 2014, 02:32 GMT
Large pointer offsets into arrays are not uncommon, so the larger value will prevent more exploits. The upstream recommendation is 64k. There's no disadvantage to following the advice of upstream here, and a significant security improvement.
Comment by John (graysky) - Saturday, 19 July 2014, 11:14 GMT
Can you reference upstream's recommendation? I find it to be 4096:

% cd linux-3.15
% make defconfig
...
*** Default configuration is based on 'x86_64_defconfig'
#
# configuration written to .config
#
% grep DEFAULT_MMAP_MIN_ADDR .config
CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
Comment by Johannes Löthberg (demize) - Saturday, 19 July 2014, 11:53 GMT
http://cateee.net/lkddb/web-lkddb/DEFAULT_MMAP_MIN_ADDR.html

The upstream default is 4096, but upstream recommends 65536.
Comment by Daniel Micay (thestinger) - Saturday, 19 July 2014, 16:55 GMT
Ah sorry, I missed that the Linux distribution I was checking patches the default. It seems it's 4096 because there's no other sane cross-platform value.

Fedora and Ubuntu do use 64k on x86 (among other distributions), along with it being documented by upstream as the recommended choice.
Comment by Tobias Powalowski (tpowa) - Friday, 25 July 2014, 15:12 GMT
Fixed on trunk
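
Added example, not part of the original task or its comments: a POSIX shell check that reads CONFIG_DEFAULT_MMAP_MIN_ADDR from a kernel config file, as the grep in the thread does, and compares it and the runtime vm.mmap_min_addr sysctl against the 65536 value discussed above. The function names are hypothetical, and /proc/config.gz is assumed to exist only on kernels that expose their config there; /boot/config-$(uname -r) is the usual alternative.

```sh
#!/bin/sh
# Added example: compare mmap_min_addr with the 65536 value discussed in this task.
RECOMMENDED=65536

# Print CONFIG_DEFAULT_MMAP_MIN_ADDR from a kernel config file (plain or gzipped).
config_min_addr() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac | sed -n 's/^CONFIG_DEFAULT_MMAP_MIN_ADDR=\([0-9][0-9]*\)$/\1/p' | tail -n 1
}

# Classify a value: ok (>= 65536), weak (lower, nonzero), disabled (0), unknown.
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo unknown ;;
        0)           echo disabled ;;
        *) if [ "$1" -ge "$RECOMMENDED" ]; then echo ok; else echo weak; fi ;;
    esac
}

# Report the build-time default and the runtime sysctl; succeed only if the
# runtime sysctl value is at least 65536.
audit_min_addr() {
    cfg=$1
    runtime_file=${2:-/proc/sys/vm/mmap_min_addr}
    built=$(config_min_addr "$cfg" 2>/dev/null) || built=
    runtime=$(cat -- "$runtime_file" 2>/dev/null) || runtime=
    echo "build-time default: ${built:-?} ($(classify_min_addr "$built"))"
    echo "runtime sysctl:     ${runtime:-?} ($(classify_min_addr "$runtime"))"
    [ "$(classify_min_addr "$runtime")" = ok ]
}

# Usage: sh check.sh /proc/config.gz   (or /boot/config-$(uname -r))
[ $# -eq 0 ] || audit_min_addr "$@"
```

The exit status follows the runtime sysctl rather than the build-time default, because an administrator can change vm.mmap_min_addr after boot.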
