• Kirill A. Shutemov's avatar
    x86/mm: Implement ASLR for hugetlb mappings · fd8526ad
    Kirill A. Shutemov authored
    Matthew noticed that hugetlb mappings don't participate in ASLR on x86-64:
    
      %  for i in `seq 3`; do
      > tools/testing/selftests/vm/map_hugetlb | grep address
      > done
      Returned address is 0x2aaaaac00000
      Returned address is 0x2aaaaac00000
      Returned address is 0x2aaaaac00000
    
    /proc/PID/maps entries for the mapping are always the same
    (except inode number):
    
      2aaaaac00000-2aaabac00000 rw-p 00000000 00:0c 8200              /anon_hugepage (deleted)
      2aaaaac00000-2aaabac00000 rw-p 00000000 00:0c 256               /anon_hugepage (deleted)
      2aaaaac00000-2aaabac00000 rw-p 00000000 00:0c 7180              /anon_hugepage (deleted)
    
    The reason is the generic hugetlb_get_unmapped_area() function
    which is used on x86-64.  It doesn't support randomization and
    use bottom-up unmapped area lookup, instead of usual top-down
    on x86-64.
    
    x86 has arch-specific hugetlb_get_unmapped_area(), but it's used
    only on x86-32.
    
    Let's use arch-specific hugetlb_get_unmapped_area() on x86-64
    too. That adds ASLR and switches hugetlb mappings to use top-down
    unmapped area lookup:
    
      %  for i in `seq 3`; do
      > tools/testing/selftests/vm/map_hugetlb | grep address
      > done
      Returned address is 0x7f4f08a00000
      Returned address is 0x7fdda4200000
      Returned address is 0x7febe0000000
    
    /proc/PID/maps entries:
    
      7f4f08a00000-7f4f18a00000 rw-p 00000000 00:0c 1168              /anon_hugepage (deleted)
      7fdda4200000-7fddb4200000 rw-p 00000000 00:0c 7092              /anon_hugepage (deleted)
      7febe0000000-7febf0000000 rw-p 00000000 00:0c 7183              /anon_hugepage (deleted)
    
    Unmapped area lookup policy for hugetlb mappings is consistent
    with normal mappings now -- the only difference is alignment
    requirements for huge pages.
    
    libhugetlbfs test-suite didn't detect any regressions with the
    patch applied (although it shows few failures on my machine
    regardless the patch).
    Signed-off-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Cc: Matthew Wilcox <willy@linux.intel.com>
    Cc: Dave Hansen <dave.hansen@intel.com>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Andrea Arcangeli <aarcange@redhat.com>
    Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
    Cc: Mel Gorman <mgorman@suse.de>
    Link: http://lkml.kernel.org/r/20131119131750.EA45CE0090@blue.fi.intel.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    fd8526ad
hugetlbpage.c 4.11 KB