Linux 4.6 Will Improve The Security Of 32-bit Programs

Written by Michael Larabel in Linux Kernel on 14 March 2016 at 11:35 AM EDT. 4 Comments
Besides the 4.6 scheduler updates, another interesting pull request sent today by Ingo Molnar covers the mm (memory management) updates.

Most notable in the mm pull request is the enabling of full ASLR (Address Space Layout Randomization) for 32-bit programs. If you're not familiar with ASLR, see Wikipedia.

Full randomization on i386 and x86_32 was enabled by Hector Marco-Gisbert, who explained in the patch:
Currently on i386 and on X86_64 when emulating X86_32 in legacy mode, only the stack and the executable are randomized but not other mmapped files (libraries, vDSO, etc.). This patch enables randomization for the libraries, vDSO and mmap requests on i386 and in X86_32 in legacy mode.

By default on i386 there are 8 bits for the randomization of the libraries, vDSO and mmaps which only uses 1MB of VA.

This patch preserves the original randomness, using 1MB of VA out of 3GB or 4GB. We think that 1MB out of 3GB is not a big cost for having the ASLR.

The first obvious security benefit is that all objects are randomized (not only the stack and the executable) in legacy mode which highly increases the ASLR effectiveness, otherwise the attackers may use these non-randomized areas. But also sensitive setuid/setgid applications are more secure because currently, attackers can disable the randomization of these applications by setting the ulimit stack to "unlimited". This is a very old and widely known trick to disable the ASLR in i386 which has been allowed for too long.

Another trick used to disable the ASLR was to set the ADDR_NO_RANDOMIZE personality flag, but fortunately this doesn't work on setuid/setgid applications because there are security checks which clear security-relevant flags.

This patch always randomizes the mmap_legacy_base address, removing the possibility to disable the ASLR by setting the stack to "unlimited".
The MM pull request in full can be found here. Besides this big improvement for 32-bit x86 ASLR, there are also Kernel Address Sanitizer (KASAN) improvements, mmiotrace fixes for huge pages, minimal INVPCID support, and other work.
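As an added check, not code from the article or from the kernel patch: a small C program that re-executes itself and counts how many distinct base addresses the stack, the executable, an anonymous mmap and the vDSO receive across runs, which is exactly the set of regions the patch description contrasts. It assumes Linux (/proc/self/exe, getauxval) and is meant to be built as a 32-bit PIE on an x86-64 multilib host, e.g. `gcc -m32 -fPIE -pie`, so that it exercises the 32-bit layout the patch changes.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/auxv.h>
#include <sys/mman.h>
#define RUNS 16
static const char *NAMES[4] = {"stack", "executable", "mmap", "vDSO"};
/* Number of distinct values in v[0..n); n is small, so O(n^2) is fine. */
size_t count_distinct(const unsigned long *v, size_t n) {
    size_t d = 0;
    for (size_t i = 0; i < n; i++) {
        size_t j = 0;
        while (j < i && v[j] != v[i]) j++;
        if (j == i) d++;
    }
    return d;
}
/* Child mode: print one base address from each region and exit. */
static void report(void) {
    int local;  /* lives on the stack */
    void *p = mmap(NULL, 4096, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    printf("%lx %lx %lx %lx\n", (unsigned long)&local, (unsigned long)report,
           (unsigned long)p, getauxval(AT_SYSINFO_EHDR));  /* AT_SYSINFO_EHDR = vDSO base */
}
/* Parent mode: exec a fresh copy of ourselves (only exec re-rolls the layout; fork would not) and read back its four addresses. */
static int run_child(const char *exe, unsigned long out[4]) {
    char cmd[4200];
    snprintf(cmd, sizeof cmd, "'%s' --child", exe);
    FILE *f = popen(cmd, "r"); if (!f) return -1;
    int ok = fscanf(f, "%lx %lx %lx %lx", &out[0], &out[1], &out[2], &out[3]) == 4;
    pclose(f);
    return ok ? 0 : -1;
}
int main(int argc, char **argv) {
    if (argc > 1 && strcmp(argv[1], "--child") == 0) { report(); return 0; }
    char exe[4096];
    ssize_t n = readlink("/proc/self/exe", exe, sizeof exe - 1);
    if (n < 0) return 1; exe[n] = '\0';
    unsigned long a[4][RUNS];
    for (int r = 0; r < RUNS; r++) {
        unsigned long v[4]; if (run_child(exe, v) != 0) return 1;
        for (int k = 0; k < 4; k++) a[k][r] = v[k];
    }
    for (int k = 0; k < 4; k++)  /* 1 distinct base across RUNS runs means that region is not randomized */
        printf("%-10s %2zu distinct bases in %d runs\n", NAMES[k], count_distinct(a[k], RUNS), RUNS);
    return 0;
}
```

Run it once normally and once under `ulimit -s unlimited`: on a kernel with the patch the mmap and vDSO rows should still show many distinct bases in legacy mode, whereas on an older kernel they collapse to one. The executable row only moves when the binary is built as PIE, and the test below only exercises the pure counting helper, since the live addresses depend on the host.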