Linux 4.1 Will Improve AMD Bulldozer's ASLR Entropy Issue

Written by Michael Larabel in Linux Kernel on 13 April 2015 at 09:47 AM EDT. 13 Comments
LINUX KERNEL
The Linux 4.1 kernel will improve AMD's ASLR workaround for Bulldozer processors in order to increase randomization.

The x86/mm pull request was submitted this morning by Ingo Molnar for the Linux 4.1 kernel. This pull is particularly important for AMD Linux customers using Bulldozer (Family 15h) processors as it works to address an AMD Bulldozer Linux ASLR weakness that reduces the entropy available to the system 87.5%.


If you're not familiar with this potential security issue, see AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5% for the lengthy explanation that was penned by Hector Marco back in March. With Linux 4.1 is a change by Hector to improve the AMD Bulldozer ASLR aliasing workaround to increase randomization by three-bits per-bootup. This change is documented by this patch message.

Another x86/mm change is "Reduce PAE-mode per task pgd allocation overhead from 4K to 32 bytes" by Fenghua Yu. Due to the Intel Quark SoC being 32-bit and other (new) embedded hardware being 32-bit, there's a need for more modern memory optimizations to optimize the Linux kernel's experience when it comes to this hardware. Yu explained, "With more embedded systems emerging using Quark, among other things, 32-bit kernel matters again. 32-bit machine and kernel uses PAE paging, which currently wastes at least 4K of memory per process on Linux where we have to reserve an entire page to support a single 32-byte PGD structure. It would be a very good thing if we could eliminate that wastage. PAE paging is used to access more than 4GB memory on x86-32. And it is required for NX....we can save memory space by only allocating 32-byte pgd for 32-bit PAE kernel when it is not running as a Xen domain."

More details on the other x86/mm changes for Linux 4.1 can be found by this pull request.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week