Hey Folks, A colleague noticed warnings in section 23.3 of the programmer's guide about the use of address space layout randomization with multiprocess DPDK applications. And, upon inspection, it appears that ASLR is enabled on our target systems. We've never seen a problem that we could trace back to ASLR, and we've never see a warning during EAL memory initialiization, either, which is strange.
Given the choice, we would prefer to keep ASLR for security reasons. Given that in our problem domain: - We are running a multiprocess DPDK application - We run only one DPDK application, which is a single compiled binary - We have exactly one process running per logical core - We're OK with interrupts coming just to the primary - We handle interaction from our control plane via a separate shared memory space Is it OK in this circumstance to leave ASLR enabled? I think it probably is, but would love to hear reasons why not and/or pitfalls that we need to avoid. Thanks in advance. -- Matt Laswell *infinite io*
