Skip to content

Commit

Permalink
ARM64: Enable Kernel Address Space Randomization (#1792)
Browse files Browse the repository at this point in the history 
Randomization allows the mapping between virtual addresses and physical
address to be different on each boot.  This makes it more difficult
to exploit security vulnerabilities that require knowledge of fixed
hardware addresses.

The firmware generates a 8 byte random number during bootup and stores
it in the device tree under chosen/kaslr-seed. This number is used
to randomize the address mapping.

This change enables this feature in the build configuration for ARM64.

Signed-off-by: Michael Zoran <mzoran@crowfest.net>
  • Loading branch information
@Electron752 @popcornmix
Electron752 authored and popcornmix committed Feb 4, 2017
1 parent d6fbb7b commit 8930b9b
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions arch/arm64/configs/bcmrpi3_defconfig
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ CONFIG_ARMV8_DEPRECATED=y
CONFIG_SWP_EMULATION=y
CONFIG_CP15_BARRIER_EMULATION=y
CONFIG_SETEND_EMULATION=y
CONFIG_RANDOMIZE_BASE=y
CONFIG_CMDLINE="console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait"
CONFIG_BINFMT_MISC=y
CONFIG_COMPAT=y
Expand Down

0 comments on commit 8930b9b

Please sign in to comment.