Linux 4.8 Implements ASLR For Kernel Memory Sections

Written by Michael Larabel in Linux Kernel on 25 July 2016 at 07:53 AM EDT. 4 Comments
LINUX KERNEL
In addition to hardened usercopy support being prepped for the Linux 4.8 kernel, the new CONFIG_RANDOMIZE_MEMORY option was sent in this morning via a separate pull request as another security feature for the 4.8 cycle.

CONFIG_RANDOMIZE_MEMORY randomizes the virtual addresses of memory sections, including physical memory mappings, vmalloc, and vemmap. Similar to other memory randomization routines, by randomizing the virtual address space of kernel memory sections, the goal is to mitigate predictable memory locations.

The CONFIG_RANDOMIZE_MEMORY patches were sent in via the x86/boot pull request this morning by Ingo Molnar. In addition, this pull request also enhances KASLR (CONFIG_RANDOMIZE_BASE) with physical memory randomization. That work extends kernel image physical address randomization to addresses larger than 4GB, among other improvements.

More details on these x86 boot changes via the kernel mailing list.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week