On Mon, Apr 2, 2012 at 12:23 PM, Richard Yao <r...@cs.stonybrook.edu> wrote:
> On 04/02/12 14:46, Peter Wemm wrote:
>> Remember.. ASLR is a userland thing. .ko files, which is what this
>> thread is about, already use random address layout. When you do a
>> "kldload virtio.ko", you have no way to predict what address it will
>> be loaded at. And you don't even have access to the addresses.
>>
>> Of course if you want to talk about ASLR and userland .so files then
>> that's an entirely different thing. But this thread is about your
>> tools finding DT_TEXTREL in a .ko kernel file, not userland .so files.
>>
>
> The PaX project's patches to the Linux kernel include kernel stack
> randomization. The Gentoo Hardened project makes use of this in their
> fork of the Linux kernel.
>

I looked at their code, and their description here:
http://pax.grsecurity.net/docs/randkstack.txt

Of note:
"pax_randomize_kstack() gathers entropy from the rdtsc instruction
(read time stamp counter) and applies it to bits 2-6 of the kernel
stack pointer. This means that 5 bits are randomized providing a
maximum shift of 128 bytes - this was deemed safe enough to not cause
kernel stack overflows yet give enough randomness to deter
guessing/brute forcing attempts."

This has nothing to do with the DT_TEXTREL in .ko that this thread is
about and has no bearing on ASLR in any way.

--
Peter Wemm - pe...@wemm.org; pe...@freebsd.org; pe...@yahoo-inc.com; KI6FJV
"All of this is for nothing if we don't go to the stars" - JMS/B5
"If Java had true garbage collection, most programs would delete
themselves upon execution." -- Robert Sewell
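
The bit arithmetic in the quoted randkstack description, as an added example that is not part of the original message and is not PaX's code: it models randomizing bits 2-6 of a stack pointer and measures how many positions result and how far they move. The XOR combining step, the function names and the sample stack pointer are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Bits 2-6 of the stack pointer: five bits, mask 0x1f << 2 = 0x7c. */
#define KSTACK_RAND_MASK ((uintptr_t)0x7c)

/* Model of the quoted step: fold timestamp-counter bits into bits 2-6.
 * Assumptions: XOR as the combining operation, low counter bits as input. */
uintptr_t randomize_kstack(uintptr_t sp, uint64_t tsc)
{
    return sp ^ (((uintptr_t)tsc << 2) & KSTACK_RAND_MASK);
}

/* Number of distinct stack pointers reachable from sp. */
unsigned distinct_positions(uintptr_t sp)
{
    unsigned char seen[128] = {0};
    unsigned n = 0;
    for (uint64_t tsc = 0; tsc < 1024; tsc++) {  /* far more inputs than outputs */
        uintptr_t slot = randomize_kstack(sp, tsc) & 0x7f;
        if (!seen[slot]) { seen[slot] = 1; n++; }
    }
    return n;
}

/* Largest distance in bytes between sp and any randomized value. */
unsigned long max_shift(uintptr_t sp)
{
    unsigned long worst = 0;
    for (uint64_t tsc = 0; tsc < 32; tsc++) {
        uintptr_t r = randomize_kstack(sp, tsc);
        unsigned long d = (unsigned long)(r > sp ? r - sp : sp - r);
        if (d > worst) worst = d;
    }
    return worst;
}

int main(void)
{
    uintptr_t sp = 0xc1234f80u;  /* constructed, 128-byte-aligned sample value */
    printf("positions=%u max_shift=%lu bytes\n",
           distinct_positions(sp), max_shift(sp));
    return 0;
}
```

Under this model every randomized pointer keeps its 4-byte alignment and stays inside the same 128-byte window as the original.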