commit 1ec7fd50ba4f845d1cf6b67acabd774577ef13b6

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

brk: document randomize_va_space and CONFIG_COMPAT_BRK (was Re:

Document randomize_va_space and CONFIG_COMPAT_BRK.

Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

authored by

Jiri Kosina and committed by

Thomas Gleixner 18 years ago 1ec7fd50 6697c052

+29

1 changed file

expand all

unified split

Documentation

sysctl

kernel.txt

+29

Documentation/sysctl/kernel.txt

··· 41 41 - pid_max 42 42 - powersave-nap [ PPC only ] 43 43 - printk 44 + - randomize_va_space 44 45 - real-root-dev ==> Documentation/initrd.txt 45 46 - reboot-cmd [ SPARC only ] 46 47 - rtsig-max ··· 278 277 seconds, we do allow a burst of messages to pass through. 279 278 printk_ratelimit_burst specifies the number of messages we can 280 279 send before ratelimiting kicks in. 280 + 281 + ============================================================== 282 + 283 + randomize-va-space: 284 + 285 + This option can be used to select the type of process address 286 + space randomization that is used in the system, for architectures 287 + that support this feature. 288 + 289 + 0 - Turn the process address space randomization off by default. 290 + 291 + 1 - Make the addresses of mmap base, stack and VDSO page randomized. 292 + This, among other things, implies that shared libraries will be 293 + loaded to random addresses. Also for PIE-linked binaries, the location 294 + of code start is randomized. 295 + 296 + With heap randomization, the situation is a little bit more 297 + complicated. 298 + There a few legacy applications out there (such as some ancient 299 + versions of libc.so.5 from 1996) that assume that brk area starts 300 + just after the end of the code+bss. These applications break when 301 + start of the brk area is randomized. There are however no known 302 + non-legacy applications that would be broken this way, so for most 303 + systems it is safe to choose full randomization. However there is 304 + a CONFIG_COMPAT_BRK option for systems with ancient and/or broken 305 + binaries, that makes heap non-randomized, but keeps all other 306 + parts of process address space randomized if randomize_va_space 307 + sysctl is turned on. 281 308 282 309 ============================================================== 283 310