0003-Default-to-maximum-amount-of-ASLR-bits.patch 1.4 KB

12345678910111213141516171819202122232425262728293031323334
  1. From 3a88b77d3cb9f9cd8a8aee052ab479b73aeb2e80 Mon Sep 17 00:00:00 2001
  2. From: "Jan Alexander Steffens (heftig)" <heftig@archlinux.org>
  3. Date: Sat, 13 Jan 2024 15:29:25 +0100
  4. Subject: [PATCH] arch/Kconfig: Default to maximum amount of ASLR bits
  5. To mitigate https://zolutal.github.io/aslrnt/; do this with a patch to
  6. avoid having to enable `CONFIG_EXPERT`.
  7. ---
  8. arch/Kconfig | 4 ++--
  9. 1 file changed, 2 insertions(+), 2 deletions(-)
  10. diff --git a/arch/Kconfig b/arch/Kconfig
  11. index f4b210ab061291..837d0dbb28ea08 100644
  12. --- a/arch/Kconfig
  13. +++ b/arch/Kconfig
  14. @@ -1032,7 +1032,7 @@ config ARCH_MMAP_RND_BITS
  15. int "Number of bits to use for ASLR of mmap base address" if EXPERT
  16. range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX
  17. default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT
  18. - default ARCH_MMAP_RND_BITS_MIN
  19. + default ARCH_MMAP_RND_BITS_MAX
  20. depends on HAVE_ARCH_MMAP_RND_BITS
  21. help
  22. This value can be used to select the number of bits to use to
  23. @@ -1066,7 +1066,7 @@ config ARCH_MMAP_RND_COMPAT_BITS
  24. int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT
  25. range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX
  26. default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT
  27. - default ARCH_MMAP_RND_COMPAT_BITS_MIN
  28. + default ARCH_MMAP_RND_COMPAT_BITS_MAX
  29. depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS
  30. help
  31. This value can be used to select the number of bits to use to