# 2.6.30-r4: DEFAULT_MMAP_MIN_ADDR [Solved]

## Bones McCracker

This is what was generated as a default value when I ran 'make oldconfig' to prepare to build gentoo-sources-2.6.30-r4 on an x86 (Pentium 4 with only 768 MiB RAM).

CONFIG_DEFAULT_MMAP_MIN_ADDR=4096

However, the help text for this kernel configuration variable reads as follows, apparently suggesting a value of 65536.  So I'm wondering if the default is fixed number or generated based on this machine's resources, and I'm wondering what people think this should be set to.

```

CONFIG_DEFAULT_MMAP_MIN_ADDR:

This is the portion of low virtual memory which should be protected

from userspace allocation.  Keeping a user from writing to low pages

can help reduce the impact of kernel NULL pointer bugs.

For most ia64, ppc64 and x86 users with lots of address space

a value of 65536 is reasonable and should cause no problems.

On arm and other archs it should not be higher than 32768.

Programs which use vm86 functionality would either need additional

permissions from either the LSM or the capabilities module or have

this protection disabled.

This value can be changed after boot using the

/proc/sys/vm/mmap_min_addr tunable.

Symbol: DEFAULT_MMAP_MIN_ADDR [=4096]

Prompt: Low address space to protect from user allocation

   Defined at mm/Kconfig:229

   Location:

     -> Processor type and features
```

I assume this has to do with the null pointer exploit was talked about recently.

----------

## chris.c.hogan

I had this question myself and did some Googling... It's how I found your message.

Reading http://lkml.indiana.edu/hypermail/linux/kernel/0806.2/2733.html, it looks like most distributions are setting this to 64k. However, that seems to be causing problems for Wine and DOSEmu. Several bug reports are suggesting setting it to 0. However, that removes the protections that MMAP_MIN_ADDR provides. Setting it to PAGE_SIZE (4k in my case) allows the emulators to run while still providing some protections against null pointer exploits. As pointed out in the link, "there's a few things in the kernel that are bigger than 4K (or rather, lead to pointers beyond 4K)"

My interpretation of the above is to set it to 64k and see if you have any problems. It looks like LSM, SELinux and CAP might support per application control. /proc/sys/vm/mmap_min_addr is also available.

As a side, shouldn't this be in Kernel & Hardware?

----------

## Bones McCracker

Thank you.

Yes it should be.

----------

## desultory

Moved from Off the Wall to Kernel & Hardware, at BoneKracker's request.

----------

