git.hungrycats.org Git - linux/commit

author	Vasily Kulikov <segoon@openwall.com>
	Wed, 9 Sep 2015 22:36:00 +0000 (15:36 -0700)
committer	Sasha Levin <sasha.levin@oracle.com>
	Wed, 13 Apr 2016 21:14:30 +0000 (17:14 -0400)
commit	46460a03f44f1915ded434057fa46332438b3a6e
tree	d4e0a1b8d7715ef53102304d8e3bd0837d61377a	tree \| snapshot
parent	d979e967f848caf908a1401b7ad67cf13f06ef9f	commit \| diff

include/linux/poison.h: fix LIST_POISON{1,2} offset

[ Upstream commit 8a5e5e02fc83aaf67053ab53b359af08c6c49aaf ]

Poison pointer values should be small enough to find a room in
non-mmap'able/hardly-mmap'able space.  E.g.  on x86 "poison pointer space"
is located starting from 0x0.  Given unprivileged users cannot mmap
anything below mmap_min_addr, it should be safe to use poison pointers
lower than mmap_min_addr.

The current poison pointer values of LIST_POISON{1,2} might be too big for
mmap_min_addr values equal or less than 1 MB (common case, e.g.  Ubuntu
uses only 0x10000).  There is little point to use such a big value given
the "poison pointer space" below 1 MB is not yet exhausted.  Changing it
to a smaller value solves the problem for small mmap_min_addr setups.

The values are suggested by Solar Designer:
http://www.openwall.com/lists/oss-security/2015/05/02/6

Signed-off-by: Vasily Kulikov <segoon@openwall.com>
Cc: Solar Designer <solar@openwall.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>