Re: [RFC][PATCH] Randomize kernel base address on boot

From: Kees Cook
Date: Fri May 27 2011 - 14:45:14 EST


On Fri, May 27, 2011 at 08:17:24PM +0200, Ingo Molnar wrote:
> - Boot time dynamic randomization allows randomization of 'mass
> install' systems, where the same image is used, to still be
> randomized: for example a million phones all with the same Flash
> ROM image and no 'install' performed at all on them.
>
> With static randomization these systems will all have the same
> kernel addresses.
>
> - Boot time dynamic randomization allows read-only systems to still
> be randomized: for example internet cafes that use some popular
> pre-packaged kiosk-mode live-DVD. They probably won't bother
> randomizing and relinking the ISOs per machine and burning per
> machine DVDs ...

These 2 points are pretty significant, IMO.

And frankly, distros almost fall into these categories already. IIUC,
a distro would need to ship all of the .o files from each config of the
kernel they ship so each system could do the relinking. That's not a
small footprint to suddenly add to base installs.

-Kees

--
Kees Cook
Ubuntu Security Team