
Kernel address space layout randomization

Posted Oct 13, 2013 17:26 UTC (Sun) by rwmj (subscriber, #5474)
Parent article: Kernel address space layout randomization

I understand that huge pages are 2M, but why does that mean the kernel can only go at 2M boundaries? Isn't it possible to have ELF-style symbol relocations so the kernel can be moved to smaller offsets within the page (e.g. the kernel would start at 2M page boundary + 1 byte)?

Anyway, here's hoping that once this is implemented, Ubuntu will make the vmlinuz files publicly readable again (and thus gain the much bigger security benefits of using libguestfs and VM sandboxes for user processes).



Kernel address space layout randomization

Posted Oct 17, 2013 22:08 UTC (Thu) by heijo (guest, #88363) [Link] (3 responses)

Does Ubuntu somehow randomly alter the vmlinuz files on disk?

If not, what's the point of making them unreadable, since the attacker can, very easily and automatically, determine that the distribution is Ubuntu, and download the files from their servers?

Kernel address space layout randomization

Posted Oct 18, 2013 0:07 UTC (Fri) by spender (guest, #23067) [Link]

They don't and of course you can absolutely automatically do what you just mentioned.

As for why:
http://lmgtfy.com/?q=cargo+cult+security

-Brad

Kernel address space layout randomization

Posted Oct 18, 2013 6:21 UTC (Fri) by rwmj (subscriber, #5474) [Link] (1 responses)

There's no security added by chmod go-r those files. However there is a lot of pain caused by it.

Kernel address space layout randomization

Posted Jan 24, 2014 15:59 UTC (Fri) by deepfire (guest, #26138) [Link]

> There's no security added by chmod go-r those files.
> However there is a lot of pain caused by it.

Really?

Laying bare your code/data layouts for the local would-be-root's perusal is nothing?

OTOH, if your logic goes along the lines of "there's so many other places you can get that information from, it just doesn't matter" -- I could agree.

