Reply to post:

NetBSD, OpenBSD improve kernel security, randomly

patrickstar

File locking has nothing to do with a running kernel. Kernel code is typically not pageable, or atleast not a lot of it.

For the record, Windows has had kernel ASLR for quite some time now. I think since 8.

Relocating a running kernel, while probably technically possible, is tricky to say the least. And it would take quite some time and be a huge performance hit if done regularly, since at the very least you need to stop all CPUs. You can't let them keep executing in userland and get any meaningful work done, since any page fault or other interrupt can't be handled until the relocation is complete.

And this is just for moving the code - if you want to randomize data as well you're in for a lot of pain.

There wouldn't really be any security benefit over just randomizing things at boot. Leaking kernel addresses and then exploiting a bug takes place in several orders of magnitude less time than the frequency at which you could ever perform a total relocation of the kernel.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020