[maverick] ARM security cherry-picks

Kees Cook kees.cook at canonical.com
Sat Aug 28 15:50:43 UTC 2010

Hi Bryan,

On Sat, Aug 28, 2010 at 10:08:28AM +0800, Bryan Wu wrote:
> http://git.linaro.org/gitweb?p=linux/arm_next.git;a=commitdiff;h=f13b5666dfe3240bf2218f0ca30e5ea2b4a1c50d
> Is this URL still alive? I cannot access it, so I'm not sure whether
> we need to apply this one.

This works for me. It is:

From: Nicolas Pitre <nicolas.pitre at linaro.org>
Date: Fri, 20 Aug 2010 20:16:03 +0000 (-0400)
Subject: ARM: fix ASLR of PIE executables
X-Git-Url: http://git.linaro.org/gitweb?p=linux%2Farm_next.git;a=commitdiff_plain;h=f13b5666dfe3240bf2218f0ca30e5ea2b4a1c50d

ARM: fix ASLR of PIE executables

Since commits 990cb8acf2 and cc92c28b2d, it is possible to have full
address space layout randomization (ASLR) on ARM.  Except that one small
change was missing for ASLR of PIE executables.

Signed-off-by: Nicolas Pitre <nicolas.pitre at linaro.org>

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 535e763..6884e19 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -800,7 +800,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
 			 * default mmap base, as well as whatever program they
 			 * might try to exec.  This is because the brk will
 			 * follow the loader, and is not movable.  */
-#ifdef CONFIG_X86
+#if defined(CONFIG_X86) || defined(CONFIG_ARM)
 			load_bias = 0;
 			load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
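
Review bot: the hunk as quoted here is incomplete at its tail: the header `@@ -800,7 +800,7 @@` declares seven lines per side but only six are present, and the two trailing context lines assign `load_bias` twice in a row with no preprocessor line between them, so the `#if` has no visible alternative branch or terminator. Take the patch from the commitdiff_plain URL in the X-Git-Url header rather than from this mail before cherry-picking. Separately, the new condition `#if defined(CONFIG_X86) || defined(CONFIG_ARM)` puts a second architecture name into generic fs/binfmt_elf.c, and the commit message does not explain how taking the `load_bias = 0` path gives PIE randomization on ARM. A sentence on that in the changelog, and an architecture-selected config symbol in place of a growing list of `defined()` tests, would make the next port easier to review.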

Kees Cook
Ubuntu Security Team

