Increasing the range of address-space layout randomization [LWN.net]

Increasing the range of address-space layout randomization

Posted Dec 17, 2015 19:41 UTC (Thu) by mageta (subscriber, #89696)
Parent article: Increasing the range of address-space layout randomization

So, let me hijack this articel a bit - sry. Lately we have been seeing many discussions about security-techniques for the kernel and most of the times things pop up that have been implemented elsewere already. I am not working in that area, but I am interested in learning more about it. Is there a good place to look for docs about those existing techniques and/or proposed ones - reading the sources takes a bit too much time :).

to post comments

kernel-hardening

Posted Mar 14, 2016 15:30 UTC (Mon) by david.a.wheeler (subscriber, #72896) [Link]

It's not quite what you asked for, but the kernel-hardening mailing list discusses various efforts to harden the Linux kernel:
http://www.openwall.com/lists/kernel-hardening/

Kees Cook proposed working on Linux kernel hardening in Nov 2015: https://lwn.net/Articles/663361/ and pointed to a wiki on the "Kernel Self Protection Project" at http://kernsec.org/wiki/index.php/Kernel_Self_Protection_... - that site states, "These kinds of protections have existed for years in PaX, grsecurity, and piles of academic papers. For various social, cultural, and technical reasons, they have not made their way into the upstream kernel, and this project seeks to change that."