KASLR support on ARM with Kernel 4.9 and 4.14

Pintu Agarwal pintu.ping at gmail.com
Fri Sep 25 11:03:59 EDT 2020


Hi All,

This is regarding the KASLR feature support on ARM for the kernel
version 4.9 and 4.14.

Is KASLR supported on ARM-32 Linux 4.9 and above ?
Is it dependent on CONFIG_RANDOMIZE_BASE or
/proc/sys/kernel/randomize_va_space ?
Is there any relation between these two?
Is the changing kernel symbols (in every boot), only possible if KASLR
is enabled, or there is another way it can happen?

I have these queries because,
In one of the arm-32 devices with Kernel 4.14, I observed that
CONFIG_RANDOMIZE_BASE is not available.
But /proc/sys/kernel/randomize_va_space is set to 2.
However, I also observed that symbol addresses are changing in every boot.

1st boot cycle:
[root ~]# cat /proc/kallsyms | grep "sys_open"
a5b4de92 T sys_open
[root at sa515m ~]#

2nd boot cycle:
[root ~]# cat /proc/kallsyms | grep "sys_open"
f546ed66 T sys_open

So, I am wondering how this is possible without KASLR
(CONFIG_RANDOMIZE_BASE) support in Kernel ?

Similarly, with Kernel 4.9 and CONFIG_RANDOMIZE_BASE is not available
but /proc/sys/kernel/randomize_va_space is set to 2.
But here, the addresses are remaining same.

1st Run:
[root~]# cat /proc/kallsyms | grep "sys_open"
c01ed68c T sys_open
[root ~]#

*** reboot ***
[root ~]# cat /proc/kallsyms | grep "sys_open"
c01ed68c T sys_open


Is there any other difference between these two kernel versions with
respect to changing symbol addresses ?

Thanks,
Pintu



More information about the Kernelnewbies mailing list