KSPP / linux

Linux kernel source tree (Kernel Self Protection Project)
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project

brk randomization improvements #282

Open thestinger opened 1 year ago

thestinger commented 1 year ago

Some malloc implementations still use brk. It would be nice if it did better randomization including taking advantage of the page that it can randomize the lower bits. linux-hardened has a patch set resulting in the same end result as the last available PaX patches but with simpler changes to the existing implementation.

Initial patch to raise entropy on x86_64 to the generic approach used on arm64 and elsewhere:

https://github.com/anthraxx/linux-hardened/commit/73d16f72057d3b1a36a44c39a0e991f733fb074f.patch

Lower bit randomization:

https://github.com/anthraxx/linux-hardened/commit/5bc143f5a39209dbe458d6900ab244df0e50a54b.patch
https://github.com/anthraxx/linux-hardened/commit/f17469b9cf5e9605ef8827e7c6e53c87838b3f75.patch
https://github.com/anthraxx/linux-hardened/commit/df74ddca771370e7f7b656f4a540e026d52c60f2.patch

Adding an extra 1 page to make sure the gap is always at least 1 page without reducing entropy:

https://github.com/anthraxx/linux-hardened/commit/ee9a6cf36f6a836315a4f7fd800bab5ba9c5f69b.patch
https://github.com/anthraxx/linux-hardened/commit/9a6427b469a8d903ccdd465f23ecca4e4b8cc7b0.patch
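The three ideas in the comment above (page-granular entropy on the brk base, randomizing the sub-page lower bits as well, and adding one extra page so the gap between the end of the data segment and the start of the heap never collapses to zero) can be modelled in a small userspace program. The code below is an added illustration written for this page; it is not the kernel's `arch_randomize_brk()`, not the linux-hardened patches, and not PaX. The constants `BRK_RND_BITS` and `BRK_SUBPAGE_ALIGN`, the function names, the splitmix64 PRNG used in place of the kernel's `get_random_*()` helpers, and the sample addresses are all assumptions made for the demonstration. The point it shows is that without the extra page a zero draw puts brk directly after the data segment, while with it the minimum gap is one page and the entropy of the draw is unchanged.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1UL << PAGE_SHIFT)
#define PAGE_MASK  (~(PAGE_SIZE - 1))
#define PAGE_ALIGN(x) (((x) + PAGE_SIZE - 1) & PAGE_MASK)

/* Hypothetical parameters for this model (not the kernel's values):
 * BRK_RND_BITS      number of random page-granular bits added to the base
 * BRK_SUBPAGE_ALIGN alignment kept when randomizing the bits below a page,
 *                   so malloc's alignment assumptions still hold */
#define BRK_RND_BITS      13
#define BRK_SUBPAGE_ALIGN 16

/* Page-granular randomization: slide the page-aligned base up by a
 * random number of pages taken from the low BRK_RND_BITS of r_pages. */
unsigned long brk_rnd_pages(unsigned long base, uint64_t r_pages)
{
    unsigned long pages = r_pages & ((1UL << BRK_RND_BITS) - 1);
    return PAGE_ALIGN(base) + (pages << PAGE_SHIFT);
}

/* Lower-bit randomization: add a random offset inside the page, rounded
 * down to BRK_SUBPAGE_ALIGN. The page that backs brk is unchanged, only
 * where the first allocation lands inside it moves. */
unsigned long brk_rnd_lower(unsigned long brk, uint64_t r_sub)
{
    unsigned long off = (r_sub & (PAGE_SIZE - 1)) & ~(unsigned long)(BRK_SUBPAGE_ALIGN - 1);
    return brk + off;
}

/* Full model. extra_page == 1 adds one page on top of the random slide,
 * so the gap is never zero even when the random draw is zero; the number
 * of distinct outcomes is the same either way, so no entropy is lost. */
unsigned long brk_randomize(unsigned long end_data, uint64_t r_pages,
                            uint64_t r_sub, int extra_page)
{
    unsigned long brk = brk_rnd_pages(end_data, r_pages);
    if (extra_page)
        brk += PAGE_SIZE;
    return brk_rnd_lower(brk, r_sub);
}

/* Gap, in pages, between the end of the data segment and the page that
 * holds the randomized brk. */
unsigned long brk_gap_pages(unsigned long end_data, unsigned long brk)
{
    return ((brk & PAGE_MASK) - PAGE_ALIGN(end_data)) >> PAGE_SHIFT;
}

/* Deterministic PRNG (splitmix64) standing in for the kernel's entropy
 * source so the demo is reproducible. Not suitable for real use. */
static uint64_t splitmix64(uint64_t *s)
{
    uint64_t z = (*s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Draw n randomized brk values and return the smallest gap seen, in
 * pages. With extra_page set this must be >= 1. */
unsigned long brk_min_gap_pages(unsigned long end_data, int n, int extra_page)
{
    uint64_t seed = 0x1234567ULL;
    unsigned long min_gap = ~0UL;
    for (int i = 0; i < n; i++) {
        uint64_t r1 = splitmix64(&seed), r2 = splitmix64(&seed);
        unsigned long gap = brk_gap_pages(end_data, brk_randomize(end_data, r1, r2, extra_page));
        if (gap < min_gap)
            min_gap = gap;
    }
    return min_gap;
}

int main(void)
{
    unsigned long end_data = 0x600123UL;          /* constructed sample address */
    uint64_t seed = 42, r1 = splitmix64(&seed), r2 = splitmix64(&seed);
    printf("end_data         %#lx\n", end_data);
    printf("no extra page    %#lx (gap %lu pages)\n",
           brk_randomize(end_data, 0, 0, 0), brk_gap_pages(end_data, brk_randomize(end_data, 0, 0, 0)));
    printf("extra page       %#lx (gap %lu pages)\n",
           brk_randomize(end_data, 0, 0, 1), brk_gap_pages(end_data, brk_randomize(end_data, 0, 0, 1)));
    printf("random draw      %#lx (gap %lu pages)\n",
           brk_randomize(end_data, r1, r2, 1), brk_gap_pages(end_data, brk_randomize(end_data, r1, r2, 1)));
    return 0;
}
```

The worst case to look at is the all-zero draw: `brk_randomize(end_data, 0, 0, 0)` returns the page right after the data segment, which is exactly the predictable layout the comment wants to avoid, while the `extra_page` variant moves every outcome up by one page and keeps the same number of possible positions. On a real system the result can be observed by comparing the `[heap]` line in `/proc/self/maps` with the end of the data segment across several runs of the same binary.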