From 6bc53ff7dd4d3da6a52dbda626db30aec7e67389 Mon Sep 17 00:00:00 2001
From: Elliott Hughes <enh@google.com>
Date: Tue, 19 Sep 2023 18:40:03 +0000
Subject: [PATCH] arm64: update the "minimum maximum" comment.

Noticed while looking at riscv64. Looks like a bug, but actually nothing
we can do about it now or for the foreseeable future.

Bug: https://github.com/google/android-riscv64/issues/45
Test: treehugger
Change-Id: I2be81b2fd7095df40958a1f641d7b89cf5a8e41d
---
 init/security.cpp | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/init/security.cpp b/init/security.cpp
index 6e616be93..499978aa9 100644
--- a/init/security.cpp
+++ b/init/security.cpp
@@ -106,13 +106,9 @@ Result<void> SetMmapRndBitsAction(const BuiltinArguments&) {
     // uml does not support mmap_rnd_bits
     return {};
 #elif defined(__aarch64__)
-    // arm64 architecture supports 18 - 33 rnd bits depending on pagesize and
-    // VA_SIZE. However the kernel might have been compiled with a narrower
-    // range using CONFIG_ARCH_MMAP_RND_BITS_MIN/MAX. To use the maximum
-    // supported number of bits, we start from the theoretical maximum of 33
-    // bits and try smaller values until we reach 24 bits which is the
-    // Android-specific minimum. Don't go lower even if the configured maximum
-    // is smaller than 24.
+    // arm64 supports 14 - 33 rnd bits depending on page size and ARM64_VA_BITS.
+    // The kernel (6.5) still defaults to 39 va bits for 4KiB pages, so shipping
+    // devices are only getting 24 bits of randomness in practice.
     if (SetMmapRndBitsMin(33, 24, false) && (!Has32BitAbi() || SetMmapRndBitsMin(16, 16, true))) {
         return {};
     }