Re: [PATCH] ASLRv3: randomize_va_space=3 preventing offset2lib attack
From: Jiri Kosina
Date: Mon Dec 22 2014 - 15:03:35 EST
On Mon, 22 Dec 2014, Andy Lutomirski wrote:
> It could be worth having a mode that goes all out: randomize every
> single allocation independently in, say, a 45 or 46-byte range. That
> would be about as strong ASLR as we could possibly have, it would
> result in guard intervals around mmap data allocations (which has real
> value), and it would still leave plenty of space for big address space
> hogs like the Chromium sandbox.
>
> The main downside would be lots of memory used for page tables.
Plus get_random_int() during every mmap() call. Plus the resulting VA
space fragmentation.
--
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/