On Mon, Jan 20, 2014 at 2:54 PM, Linus Torvalds <torva...@linux-foundation.org> wrote: > So I pulled this, but one question: > > On Mon, Jan 20, 2014 at 8:47 AM, H. Peter Anvin <h...@zytor.com> wrote: >> +config RANDOMIZE_BASE >> + bool "Randomize the address of the kernel image" >> + depends on RELOCATABLE >> + depends on !HIBERNATION > > How fundamental is that "!HIBERNATION" issue? Right now that > anti-dependency on hibernation support will mean that no distro kernel > will actually use the kernel address space randomization. Which > long-term is a problem. > > I'm not sure HIBERNATION is really getting all that much use, but I > suspect distros would still want to support it. > > Is it just a temporary "I wasn't able to make it work, need to get > some PM people involved", or is it something really fundamental?
Right, this is a "need to get PM people involved" situation. When kASLR was being designed, hibernation learning about the kernel base looked like a separable problem, and given the very long list of requirements for making it work at all, I carved this out as "future work". As for perf, it's similar -- it's another entirely solvable problem, but perf needs to be untaught some of its assumptions. We've had a static kernel base forever, so I'm expecting some bumps in the road here. I'm hopeful none of it will be too painful, though. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
