* H. Peter Anvin <h...@zytor.com> wrote:
> I have to admit to being somewhat skeptical toward KASLR with only 8
> bits of randomness. There are at least two potential ways of
> dramatically increasing the available randomness:
>
> 1. actually compose the kernel of multiple independently relocatable
> pieces (maybe chunk it on 2M boundaries or something.)
>
> 2. compile the kernel as one of the memory models which can be executed
> anywhere in the 64-bit address space. The cost of this would have
> to be quantified, of course.
>
> The latter is particularly something that should be considered for the
> LPF JIT, to defend against JIT spray attacks.
The cost of 64-bit RIPs is probably measurable both in cache footprint and
in execution speed.
Doing that might make sense - but unless it's surprisingly cheap to do it,
at least from a distro perspective, randomizing the kernel base using the
existing compact address space would probably be the preferred option -
even if a bigger build model was available.
Random runtime shuffling of the kernel image - is that possible with
existing toolchains?
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
