Comment 8 for bug 1983357

Thadeu Lima de Souza Cascardo (cascardo) wrote :

aslr32 libs regressed because of upstream commit 1854bc6e2420 ("mm/readahead: Align file mappings for non-DAX").

Some filesystems' mmap will try to align the address by the size, and when the glibc loader maps the ELF file, a randomized address will be chosen but then aligned to the PMD size (21 bits on x86). Given that we default to randomizing 8 bits of the address on 32-bit programs on x86 and the page size is 4096, we end up clearing the random bits when that alignment is done.

There are a couple of paths here:

1) revert that upstream commit, losing the optimization on transparent huge pages due to the PMD alignment for every file mapped by either 32-bit or 64-bit programs;
2) do not align for 32-bit programs. I don't expect code to be maintainable here.
3) increase the default random bits for 32-bit programs to 16 (the x86 maximum) and other sensible values on other platforms (arm64 and ppc64el), which has the potential of breaking a few programs, especially ones that require "too much memory", but those should be using 64-bit if that is really needed;
4) ignore the issue and leave 32-bit programs vulnerable to attacks.

Given the alternative of leaving programs vulnerable, I would rather experiment with changing the default (option 3). The option is tunable anyway and users should be able to change the setting if necessary. We could also consider making the behavior tunable, and we actually have THP as a setting, so we could as well use it.
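The entropy loss described in the comment, worked through as an added example (not kernel code and not part of the bug thread): every possible randomized page offset is aligned down to the PMD boundary and the distinct results are counted, using the x86 32-bit numbers quoted above (4096-byte pages, 8 default random bits, 21-bit PMD); the 16-bit case is option 3.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* Constants from the comment: 4096-byte pages and 2 MiB (21-bit) PMDs on x86. */
#define PAGE_SHIFT 12
#define PMD_SHIFT  21

/* Align a candidate mapping address down to a 1 << align_shift boundary,
 * which is what the THP-friendly file mapping alignment does. */
static uint64_t align_down(uint64_t addr, unsigned align_shift)
{
    return addr & ~((1ULL << align_shift) - 1);
}

/* Enumerate every random page offset of rnd_bits width, align it, and
 * return log2 of the number of distinct bases that survive, i.e. the
 * randomization bits actually left after alignment. Brute force is used
 * on purpose so the result does not depend on a formula. */
unsigned surviving_rnd_bits(unsigned rnd_bits, unsigned align_shift)
{
    uint64_t n = 1ULL << rnd_bits;
    char *seen = calloc(n, 1);   /* indexed by aligned base >> PAGE_SHIFT, always < n */
    uint64_t distinct = 0;

    for (uint64_t r = 0; r < n; r++) {
        uint64_t base = align_down(r << PAGE_SHIFT, align_shift);
        uint64_t key = base >> PAGE_SHIFT;
        if (!seen[key]) {
            seen[key] = 1;
            distinct++;
        }
    }
    free(seen);

    unsigned bits = 0;           /* floor(log2(distinct)) */
    while ((distinct >> bits) > 1)
        bits++;
    return bits;
}

int main(void)
{
    printf("x86 32-bit, 8 rnd bits, no PMD alignment : %u bits left\n",
           surviving_rnd_bits(8, PAGE_SHIFT));
    printf("x86 32-bit, 8 rnd bits, PMD alignment    : %u bits left\n",
           surviving_rnd_bits(8, PMD_SHIFT));
    printf("x86 32-bit, 16 rnd bits, PMD alignment   : %u bits left\n",
           surviving_rnd_bits(16, PMD_SHIFT));
    return 0;
}
```

With the default 8 bits every randomized base collapses to the same PMD-aligned address (0 bits left), while raising the default to 16 bits leaves 7 bits of randomization after alignment.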