On Fri, Mar 24, 2017 at 11:13:34PM +0100, Joerg Sonnenberger wrote:
For what purpose? It has been shown over and over again that ASLR simply
doesn't work in a lot of situations in userland. The situation for
kernel ASLR is significantly worse. From a security standpoint, it
doesn't seem to be worth the effort. Now, there are cases on some
architectures where a relocatable kernel would be useful, but that's a
quite a bit different from ASLR.
IMHO the more interesting question is whether we can randomize some of the
VA layout the kernel enforces, which is far beyound simple ASLR (and
orthogonal).