On Fri, Mar 24, 2017 at 11:13:34PM +0100, Joerg Sonnenberger wrote: > For what purpose? It has been shown over and over again that ASLR simply > doesn't work in a lot of situations in userland. The situation for > kernel ASLR is significantly worse. From a security standpoint, it > doesn't seem to be worth the effort. Now, there are cases on some > architectures where a relocatable kernel would be useful, but that's a > quite a bit different from ASLR.
IMHO the more interesting question is whether we can randomize some of the VA layout the kernel enforces, which is far beyound simple ASLR (and orthogonal). Martin
