Bug 1282518 - kernel: provide PID randomization and enable it by default
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: kernel
Version: rawhide
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
Reported: 2015-11-16 16:28 UTC by Florian Weimer
Modified: 2016-05-27 19:49 UTC (History)

Doc Type: Bug Fix
Last Closed: 2016-05-27 14:17:35 UTC
Type: Bug

Description Florian Weimer 2015-11-16 16:28:05 UTC
It would be nice if the kernel could randomize PID (and TID) values by default.

We could use random TIDs to support mutex hardening in glibc, detecting overwritten mutexes before using data in them in ways that could further corrupt the running process in an attacker-controlled way.

Comment 1 Josh Boyer 2015-11-16 16:30:24 UTC
This discussion needs to happen upstream.

Comment 2 Pavel Raiskup 2016-05-27 19:31:54 UTC
Can you please post a link(s) to upstream discussion(s)?

Comment 3 Josh Boyer 2016-05-27 19:49:48 UTC
(In reply to Pavel Raiskup from comment #2)
> Can you please post a link(s) to upstream discussion(s)?

There aren't any that I'm aware of.  Our team doesn't have time to work on this feature, and it needs to be done upstream.

