32 lines
1.2 KiB
Diff
32 lines
1.2 KiB
Diff
|
From 8930b9b96484e1fd68438c78e44b8ef7cb2d61ac Mon Sep 17 00:00:00 2001
|
||
|
|
From: Electron752 <mzoran@crowfest.net>
|
||
|
|
Date: Sat, 14 Jan 2017 02:54:26 -0800
|
||
|
|
Subject: [PATCH] ARM64: Enable Kernel Address Space Randomization (#1792)
|
||
|
|
|
||
|
|
Randomization allows the mapping between virtual addresses and physical
|
||
|
|
address to be different on each boot. This makes it more difficult
|
||
|
|
to exploit security vulnerabilities that require knowledge of fixed
|
||
|
|
hardware addresses.
|
||
|
|
|
||
|
|
The firmware generates a 8 byte random number during bootup and stores
|
||
|
|
it in the device tree under chosen/kaslr-seed. This number is used
|
||
|
|
to randomize the address mapping.
|
||
|
|
|
||
|
|
This change enables this feature in the build configuration for ARM64.
|
||
|
|
|
||
|
|
Signed-off-by: Michael Zoran <mzoran@crowfest.net>
|
||
|
|
---
|
||
|
|
arch/arm64/configs/bcmrpi3_defconfig | 1 +
|
||
|
|
1 file changed, 1 insertion(+)
|
||
|
|
|
||
|
|
--- a/arch/arm64/configs/bcmrpi3_defconfig
|
||
|
|
+++ b/arch/arm64/configs/bcmrpi3_defconfig
|
||
|
|
@@ -53,6 +53,7 @@ CONFIG_ARMV8_DEPRECATED=y
|
||
|
|
CONFIG_SWP_EMULATION=y
|
||
|
|
CONFIG_CP15_BARRIER_EMULATION=y
|
||
|
|
CONFIG_SETEND_EMULATION=y
|
||
|
|
+CONFIG_RANDOMIZE_BASE=y
|
||
|
|
CONFIG_CMDLINE="console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait"
|
||
|
|
CONFIG_BINFMT_MISC=y
|
||
|
|
CONFIG_COMPAT=y
|