You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some malloc implementations still use brk. It would be nice if it did better randomization including taking advantage of the page that it can randomize the lower bits. linux-hardened has a patch set resulting in the same end result as the last available PaX patches but with simpler changes to the existing implementation.
Initial patch to raise entropy on x86_64 to the generic approach used on arm64 and elsewhere:
Some malloc implementations still use
brk. It would be nice if it did better randomization including taking advantage of the page that it can randomize the lower bits. linux-hardened has a patch set resulting in the same end result as the last available PaX patches but with simpler changes to the existing implementation.Initial patch to raise entropy on x86_64 to the generic approach used on arm64 and elsewhere:
https://github.com/anthraxx/linux-hardened/commit/73d16f72057d3b1a36a44c39a0e991f733fb074f.patch
Lower bit randomization:
https://github.com/anthraxx/linux-hardened/commit/5bc143f5a39209dbe458d6900ab244df0e50a54b.patch
https://github.com/anthraxx/linux-hardened/commit/f17469b9cf5e9605ef8827e7c6e53c87838b3f75.patch
https://github.com/anthraxx/linux-hardened/commit/df74ddca771370e7f7b656f4a540e026d52c60f2.patch
Adding an extra 1 page to make sure the gap is always at least 1 page without reducing entropy:
https://github.com/anthraxx/linux-hardened/commit/ee9a6cf36f6a836315a4f7fd800bab5ba9c5f69b.patch
https://github.com/anthraxx/linux-hardened/commit/9a6427b469a8d903ccdd465f23ecca4e4b8cc7b0.patch
The text was updated successfully, but these errors were encountered: