Re: [PATCH 3/3] x86: kernel base offset ASLR

From: Ingo Molnar
Date: Fri Apr 05 2013 - 04:04:33 EST
* H. Peter Anvin <hpa@xxxxxxxxx> wrote:

> I have to admit to being somewhat skeptical toward KASLR with only 8
> bits of randomness. There are at least two potential ways of
> dramatically increasing the available randomness:
>
> 1. actually compose the kernel of multiple independently relocatable
> pieces (maybe chunk it on 2M boundaries or something.)
>
> 2. compile the kernel as one of the memory models which can be executed
> anywhere in the 64-bit address space. The cost of this would have
> to be quantified, of course.
>
> The latter is particularly something that should be considered for the
> LPF JIT, to defend against JIT spray attacks.

The cost of 64-bit RIPs is probably measurable both in cache footprint and
in execution speed.

Doing that might make sense - but unless it's surprisingly cheap to do it,
at least from a distro perspective, randomizing the kernel base using the
existing compact address space would probably be the preferred option -
even if a bigger build model was available.

Random runtime shuffling of the kernel image - is that possible with
existing toolchains?

Thanks,

Ingo