On Wed, Feb 28, 2018 at 08:13:00PM +0300, Ilya Smith wrote:
> > It would be worth spelling out the "not recommended" bit some more
> > too: this fragments the mmap space, which has some serious issues on
> > smaller address spaces if you get into a situation where you cannot
> > allocate a hole large enough between the other allocations.
> >
>
> I agree, that's the point.

Would it be worth randomising the address returned just ever so slightly? i.e. instead of allocating exactly the next address, put in a guard hole of (configurable, by default maybe) 1-15 pages? Is that enough extra entropy to foil an interesting number of attacks, or do we need the full randomise-the-address-space approach in order to be useful?