* [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set
@ 2022-03-25 11:57 Andrew A. Vasilyev
2022-03-25 13:14 ` Vitaly Chikunov
2022-05-06 14:19 ` Vitaly Chikunov
0 siblings, 2 replies; 5+ messages in thread
From: Andrew A. Vasilyev @ 2022-03-25 11:57 UTC (permalink / raw)
To: devel-kernel
[-- Attachment #1.1: Type: text/plain, Size: 103 bytes --]
Hi!
Возможно ли включение CONFIG_RANDOMIZE_BASE в наших ядрах?
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set
2022-03-25 11:57 [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set Andrew A. Vasilyev
@ 2022-03-25 13:14 ` Vitaly Chikunov
2022-05-06 14:19 ` Vitaly Chikunov
1 sibling, 0 replies; 5+ messages in thread
From: Vitaly Chikunov @ 2022-03-25 13:14 UTC (permalink / raw)
To: ALT Linux kernel packages development
On Fri, Mar 25, 2022 at 02:57:40PM +0300, Andrew A. Vasilyev wrote:
> Hi!
>
> Возможно ли включение CONFIG_RANDOMIZE_BASE в наших ядрах?
В Fedora/Ubuntu/Opensuse это включено.
(Кроме того включено в -rt ядре.)
Но, интересно, от скольких CVE это защитило?
> _______________________________________________
> devel-kernel mailing list
> devel-kernel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set
2022-03-25 11:57 [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set Andrew A. Vasilyev
2022-03-25 13:14 ` Vitaly Chikunov
@ 2022-05-06 14:19 ` Vitaly Chikunov
2022-05-06 14:26 ` Dmitry V. Levin
1 sibling, 1 reply; 5+ messages in thread
From: Vitaly Chikunov @ 2022-05-06 14:19 UTC (permalink / raw)
To: ALT Linux kernel packages development
On Fri, Mar 25, 2022 at 02:57:40PM +0300, Andrew A. Vasilyev wrote:
> Hi!
>
> Возможно ли включение CONFIG_RANDOMIZE_BASE в наших ядрах?
Думаю, это возможно, если никто не против. Так как в Ubuntu и Fedora
это включено.
> _______________________________________________
> devel-kernel mailing list
> devel-kernel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set
2022-05-06 14:19 ` Vitaly Chikunov
@ 2022-05-06 14:26 ` Dmitry V. Levin
2022-05-06 14:30 ` Vitaly Chikunov
0 siblings, 1 reply; 5+ messages in thread
From: Dmitry V. Levin @ 2022-05-06 14:26 UTC (permalink / raw)
To: devel-kernel
On Fri, May 06, 2022 at 05:19:01PM +0300, Vitaly Chikunov wrote:
> On Fri, Mar 25, 2022 at 02:57:40PM +0300, Andrew A. Vasilyev wrote:
> > Hi!
> >
> > Возможно ли включение CONFIG_RANDOMIZE_BASE в наших ядрах?
>
> Думаю, это возможно, если никто не против. Так как в Ubuntu и Fedora
> это включено.
$ grep -A3 'config RANDOMIZE_BASE' arch/x86/Kconfig
config RANDOMIZE_BASE
bool "Randomize the address of the kernel image (KASLR)"
depends on RELOCATABLE
default y
Непонятно, почему оно оказалось не включено.
--
ldv
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set
2022-05-06 14:26 ` Dmitry V. Levin
@ 2022-05-06 14:30 ` Vitaly Chikunov
0 siblings, 0 replies; 5+ messages in thread
From: Vitaly Chikunov @ 2022-05-06 14:30 UTC (permalink / raw)
To: ALT Linux kernel packages development
On Fri, May 06, 2022 at 05:26:13PM +0300, Dmitry V. Levin wrote:
> On Fri, May 06, 2022 at 05:19:01PM +0300, Vitaly Chikunov wrote:
> > On Fri, Mar 25, 2022 at 02:57:40PM +0300, Andrew A. Vasilyev wrote:
> > > Hi!
> > >
> > > Возможно ли включение CONFIG_RANDOMIZE_BASE в наших ядрах?
> >
> > Думаю, это возможно, если никто не против. Так как в Ubuntu и Fedora
> > это включено.
>
> $ grep -A3 'config RANDOMIZE_BASE' arch/x86/Kconfig
> config RANDOMIZE_BASE
> bool "Randomize the address of the kernel image (KASLR)"
> depends on RELOCATABLE
> default y
>
> Непонятно, почему оно оказалось не включено.
Другой вопрос - есть ли хоть 1 CVE от которого защитила эта опция.
>
>
> --
> ldv
> _______________________________________________
> devel-kernel mailing list
> devel-kernel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-05-06 14:30 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-25 11:57 [d-kernel] config: CONFIG_RANDOMIZE_BASE is not set Andrew A. Vasilyev
2022-03-25 13:14 ` Vitaly Chikunov
2022-05-06 14:19 ` Vitaly Chikunov
2022-05-06 14:26 ` Dmitry V. Levin
2022-05-06 14:30 ` Vitaly Chikunov
ALT Linux kernel packages development
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/devel-kernel/0 devel-kernel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 devel-kernel devel-kernel/ http://lore.altlinux.org/devel-kernel \
devel-kernel@altlinux.org devel-kernel@altlinux.ru devel-kernel@altlinux.com
public-inbox-index devel-kernel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.devel-kernel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git