Reply to post: It doesn't matter that it doesn't relocate in RAM while running

NetBSD, OpenBSD improve kernel security, randomly

Christian Berger

It doesn't matter that it doesn't relocate in RAM while running

Relocating it once per boot is enough. You essentially hide a 1 Megabyte Kernel in 4Gibibytes of space... or 16 Exibytes if you're on a 64 Bit plattform. Guessing the right address gives you a 1:4096 or 1:17592186044416 chance of successfully hitting anything inside the kernel. (I may be off by a factor of 2)

And what happens if you guess wrong? Your kernel will have a page fault and cleanly terminate, resulting in a reboot and a new kernel layout.

BTW if you have guessed one address of the kernel directly, you still haven't won very much, you still need to guess what part of the kernel you've just found, and where the parts you want are.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020