[19.10 FEAT] kernel address space layout randomization

Bug #1832626 reported by bugproxy on 2019-06-12
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
High
Frank Heimes
linux (Ubuntu)
Undecided
Skipper Bug Screeners

Bug Description

With kernel address space layout randomization (KASLR), the kernel can be loaded to a random location
in memory.

Protecting against certain attacks that rely on knowledge of the kernel addresses.

Available with kernel 5.2

bugproxy (bugproxy) on 2019-06-12
tags: added: architecture-s39064 bugnameltc-178130 severity-high targetmilestone-inin1910
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Changed in ubuntu-z-systems:
importance: Undecided → High
assignee: nobody → Canonical Kernel Team (canonical-kernel-team)
assignee: Canonical Kernel Team (canonical-kernel-team) → nobody
assignee: nobody → Frank Heimes (frank-heimes)
Frank Heimes (fheimes) wrote :

Set to Incomplete until kernel 5.2 lands in eoan.

Changed in ubuntu-z-systems:
status: New → Incomplete

------- Comment From <email address hidden> 2019-07-10 07:57 EDT-------
Git Commit for kernel 5.2 :
https://github.com/torvalds/linux/commit/cd479eccd2

Frank Heimes (fheimes) wrote :

$ rmadison --arch=s390x linux-generic | grep eoan-proposed
 linux-generic | 5.2.0.8.9 | eoan-proposed | s390x
$ git tag --contains cd479eccd2
Ubuntu-5.2.0-8.9
v5.2
$ git show cd479eccd2
commit cd479eccd2e057116d504852814402a1e68ead80
Author: Martin Schwidefsky <email address hidden>
Date: Mon Mar 4 12:33:28 2019 +0100

    s390: limit brk randomization to 32MB

    For a 64-bit process the randomization of the program break is quite
    large with 1GB. That is as big as the randomization of the anonymous
    mapping base, for a test case started with '/lib/ld64.so.1 <exec>'
    it can happen that the heap is placed after the stack. To avoid
    this limit the program break randomization to 32MB for 64-bit and
    keep 8MB for 31-bit.

    Reported-by: Stefan Liebler <email address hidden>
    Signed-off-by: Martin Schwidefsky <email address hidden>

With that changing status to Fix Committed.

Changed in linux (Ubuntu):
status: New → Fix Committed
Changed in ubuntu-z-systems:
status: Incomplete → Fix Committed
information type: Private → Public
Frank Heimes (fheimes) wrote :

Since kernel 5.2 eventually landed in eoan's release pocket:
  linux-generic | 5.2.0.8.9 | eoan | s390
I'm changing this LP ticket to Fix Released.

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-07-16 06:30 EDT-------
IBM bugzilla status -> closed, Fix Released with Eoan

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers