On 21/11/2023 09:54, Amit Daniel Kachhap wrote:
On 10/3/23 11:11, Chaitanya S Prakash wrote:
[...]
+ /* repeat positive max_prot test with fixed address */ + flags = MAP_PRIVATE | MAP_ANONYMOUS; + max_prot = PROT_ALL; + prot = PROT_READ | PROT_EXEC; + ptr = mmap(addr, MMAP_SIZE, PROT_MAX(max_prot) | prot, + flags | MAP_FIXED, -1, 0);
Here, addr has to be >= to mmap_min_addr which in kernel is 8K. So you may set addr to 8K to get the same mmap fixed address.
That's a very good point, I didn't realise that the minimum address is configurable. Looking at security/min_addr.c, it seems that there are multiple values to consider. To err on the side of caution, I would use the highest value, i.e. the default value of CONFIG_LSM_MMAP_MIN_ADDR, 65536 (64K). In fact the user is free to choose an even higher value, but I think that's a reasonable compromise.
Kevin