From: Huacai Chen <chenhuacai@kernel.org>
To: Bingwu Zhang <xtex@envs.net>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
	Kees Cook <kees@kernel.org>,
	 Matt Redfearn <matt.redfearn@mips.com>, Yao Zi <me@ziyao.cc>,
	Icenowy Zheng <uwu@icenowy.me>,
	 Jiaxun Yang <jiaxun.yang@flygoat.com>,
	linux-mips@vger.kernel.org,  linux-kernel@vger.kernel.org,
	Bingwu Zhang <xtex@astrafall.org>
Subject: Re: [PATCH] MIPS: Increase default mmap randomization bits for 64-bit
Date: Tue, 7 Apr 2026 20:59:07 +0800
Message-ID: <CAAhV-H7O4LZFchu1mif+qbV-XEhoDS3p=V9mJBhkSyE9EkmFsw@mail.gmail.com>
In-Reply-To: <20260328225738.51613-2-xtex@envs.net>

Hi, Bingwu,

On Sun, Mar 29, 2026 at 6:57 AM Bingwu Zhang <xtex@envs.net> wrote:
>
> From: Bingwu Zhang <xtex@astrafall.org>
>
> Increase mmap randomization bits on 64-bit from [12,18] to [18,20] for
> better strength.
>
> The original default, 12, means that ASLR offset has only (1 << 12) =
> 4096 possibilities. On average, it can be brute-forced in 2048 attempts.
> If a service is configured to restart automatically or can be started
> easily (e.g. execve a suid program), then trying for 4k times can be
> done in one day even when each attempt takes 20s.
> Increasing it to 18 makes brute-force much more difficult and leaves
> more time for operators to find out attacks.

I suggest keeping ARCH_MMAP_RND_BITS_MIN and only increasing
ARCH_MMAP_RND_BITS_MAX, because performance is important by default
and you can change mmap_rnd_bits at runtime for security.


Huacai

>
> On 64-bit platforms, virtual address space is cheap, so the
> randomization bits can be increased safely without disturbing userland.
>
> In 1091458d09e1 ("MIPS: Randomize mmap if randomize_va_space is set")
> where mmap randomization was first introduced to MIPS, the randomization
> range was 256 MiB, equivalent to 16 randomization bits (if 4K page size).
> In 109c32ffd89d ("MIPS: Add support for ARCH_MMAP_RND_{COMPAT_}BITS")
> where MIPS began to use ARCH_MMAP_RND_BITS, the commit message claimed:
> > The minimum(default) for 64bit is 12bits, again with 4k
> > pagesize this is the same as the current 256MB.
> which is incorrect. (1 << 12) * page_size is 256 MiB only when page size
> is 64 KiB, so the strength of mmap randomization was reduced by 4b.
>
> Fixes: 109c32ffd89d ("MIPS: Add support for ARCH_MMAP_RND_{COMPAT_}BITS")
> Signed-off-by: Bingwu Zhang <xtex@astrafall.org>
> ---
>  arch/mips/Kconfig | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
> index e48b62b4dc48..c630dab44419 100644
> --- a/arch/mips/Kconfig
> +++ b/arch/mips/Kconfig
> @@ -3063,11 +3063,11 @@ config MMU
>         default y
>
>  config ARCH_MMAP_RND_BITS_MIN
> -       default 12 if 64BIT
> -       default 8
> -
> -config ARCH_MMAP_RND_BITS_MAX
>         default 18 if 64BIT
> +       default 8
> +
> +config ARCH_MMAP_RND_BITS_MAX
> +       default 20 if 64BIT
>         default 15
>
>  config ARCH_MMAP_RND_COMPAT_BITS_MIN
>
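Review bot: The new "default 18 if 64BIT" under ARCH_MMAP_RND_BITS_MIN and "default 20 if 64BIT" under ARCH_MMAP_RND_BITS_MAX are keyed only on 64BIT, while the commit message itself shows that the randomized span is (1 << bits) * page_size and so differs by a factor of 16 between 4 KiB and 64 KiB pages. Please state the resulting span for the page sizes the message mentions (18 bits is 1 GiB at 4 KiB and 16 GiB at 64 KiB; 20 bits is 4 GiB and 64 GiB) and confirm it fits the smallest 64-bit user address space, or make the defaults depend on page size. The message also argues that the behaviour before 109c32ffd89d was equivalent to 16 bits at 4 KiB, so a sentence on why the new minimum is 18 rather than 16 would help.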
> base-commit: be762d8b6dd7efacb61937d20f8475db8f207655
> --
> 2.52.0
>
>
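The arithmetic in the quoted commit message, together with a reader for the runtime mmap_rnd_bits sysctl mentioned in the reply, as an added example that is not part of the thread or of the kernel source. The helper names are hypothetical, and the 20 s per attempt figure is the one assumed in the commit message.

```c
/* Added example: span/entropy arithmetic from the thread; helper names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

/* Size of the window the mmap base can land in: 2^bits pages. */
uint64_t rnd_span_bytes(unsigned bits, uint64_t page_size)
{
    return ((uint64_t)1 << bits) * page_size;
}

/* Inverse: how many randomization bits a given window is worth. */
unsigned bits_for_span(uint64_t span, uint64_t page_size)
{
    unsigned bits = 0;
    for (uint64_t pages = span / page_size; pages > 1; pages >>= 1)
        bits++;
    return bits;
}

/* Days needed to try every offset when each attempt costs secs_per_try. */
double exhaust_days(unsigned bits, double secs_per_try)
{
    return (double)((uint64_t)1 << bits) * secs_per_try / 86400.0;
}

/* Read an integer sysctl such as /proc/sys/vm/mmap_rnd_bits; -1 on error. */
int read_rnd_bits(const char *path)
{
    int bits = -1;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (fscanf(f, "%d", &bits) != 1)
        bits = -1;
    fclose(f);
    return bits;
}

int main(void)
{
    int bits = read_rnd_bits("/proc/sys/vm/mmap_rnd_bits");
    long page = sysconf(_SC_PAGESIZE);
    if (bits < 0 || page <= 0) {
        fprintf(stderr, "mmap_rnd_bits not available on this kernel\n");
        return 1;
    }
    printf("bits=%d span=%llu MiB exhaust=%.1f days at 20 s/try\n", bits,
           (unsigned long long)(rnd_span_bytes(bits, page) >> 20), exhaust_days(bits, 20.0));
    return 0;
}
```

Run on a target system, it reports the span and exhaustion time for the value currently in effect, which is the figure to compare against the 12-bit and 18-bit cases discussed above.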
