summarylogtreecommitdiffstats
path: root/0103_default_to_max_ASLR_bits.patch
diff options
context:
space:
mode:
authorJeka2025-03-20 23:34:20 +0300
committerJeka2025-03-20 23:34:20 +0300
commite2603a165805a865040d5ffbe1db5dfcc1b15087 (patch)
tree3d387db5b9f5aecdb938052b953a942b95928833 /0103_default_to_max_ASLR_bits.patch
parenta9fcf6eb146bb99793f85b26567c1d3b350e5542 (diff)
downloadaur-linux-jcore.tar.gz
kernel release 6.13.7
Diffstat (limited to '0103_default_to_max_ASLR_bits.patch')
-rw-r--r--0103_default_to_max_ASLR_bits.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/0103_default_to_max_ASLR_bits.patch b/0103_default_to_max_ASLR_bits.patch
new file mode 100644
index 000000000000..4b1ccc6425e9
--- /dev/null
+++ b/0103_default_to_max_ASLR_bits.patch
@@ -0,0 +1,33 @@
+From 3a88b77d3cb9f9cd8a8aee052ab479b73aeb2e80 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <heftig@archlinux.org>
+Date: Sat, 13 Jan 2024 15:29:25 +0100
+Subject: [PATCH] arch/Kconfig: Default to maximum amount of ASLR bits
+
+To mitigate https://zolutal.github.io/aslrnt/; do this with a patch to
+avoid having to enable `CONFIG_EXPERT`.
+---
+ arch/Kconfig | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/arch/Kconfig b/arch/Kconfig
+index f4b210ab061291..837d0dbb28ea08 100644
+--- a/arch/Kconfig
++++ b/arch/Kconfig
+@@ -1032,7 +1032,7 @@ config ARCH_MMAP_RND_BITS
+ int "Number of bits to use for ASLR of mmap base address" if EXPERT
+ range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX
+ default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT
+- default ARCH_MMAP_RND_BITS_MIN
++ default ARCH_MMAP_RND_BITS_MAX
+ depends on HAVE_ARCH_MMAP_RND_BITS
+ help
+ This value can be used to select the number of bits to use to
+@@ -1066,7 +1066,7 @@ config ARCH_MMAP_RND_COMPAT_BITS
+ int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT
+ range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX
+ default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT
+- default ARCH_MMAP_RND_COMPAT_BITS_MIN
++ default ARCH_MMAP_RND_COMPAT_BITS_MAX
+ depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS
+ help
+ This value can be used to select the number of bits to use to