NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: port-amd64/58366: KASLR broken
On Sun, Jun 30, 2024 at 02:35:34PM +0000, Taylor R Campbell wrote:
> But when the kernel is linked with `--split-by-file=0x100000', the
> combined .rodata section is split into multiple subsections sometimes
> on _non-aligned_ boundaries with _less_ alignment:
Changing this to --split-by-file=0x800000 seems to improve things,
with that I survived a couple of reboot loops without any issues. But
I might have just gotten (un)lucky of course. I don't know if values
that are not powers of two make sense here but 0x400000 is not enough,
with that I still see the panics.
> We can try removing `--split-by-file', but that will reduce the
> efficacy of KASLR as a security measure, since it will only be able to
> randomize .rodata (and .text and .data and ...) as a whole and not the
> separate parts of each section independently.
Yes, without --split-by-file I also don't see the panics anymore.
Harold
Home |
Main Index |
Thread Index |
Old Index