Navigation: Linux Kernel Driver DataBase - web LKDDB: Main index - G index

CONFIG_GCC_PLUGIN_RANDSTRUCT: Randomize layout of sensitive kernel structures

General informations

The Linux kernel configuration item CONFIG_GCC_PLUGIN_RANDSTRUCT:

Help text

If you say Y here, the layouts of structures that are entirely function pointers (and have not been manually annotated with __no_randomize_layout), or structures that have been explicitly marked with __randomize_layout, will be randomized at compile-time. This can introduce the requirement of an additional information exposure vulnerability for exploits targeting these structure types.

Enabling this feature will introduce some performance impact, slightly increase memory usage, and prevent the use of forensic tools like Volatility against the system (unless the kernel source tree isn't cleaned after kernel installation).

The seed used for compilation is located at scripts/gcc-plgins/randomize_layout_seed.h. It remains after a make clean to allow for external modules to be compiled with the existing seed and will be removed by a make mrproper or make distclean.

Note that the implementation requires gcc 4.7 or newer.

This plugin was ported from grsecurity/PaX. More information at: * https://grsecurity.net/ * https://pax.grsecurity.net/

Hardware

LKDDb

Raw data from LKDDb:

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

Automatic links from Google (and ads)

Custom Search

Popular queries:

Navigation: Linux Kernel Driver DataBase - web LKDDB: main index - G index

Automatically generated (in year 2017) with gen-web-lkddb.py in lkddb-sources.