RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR
More RISC-V architecture updates were merged this weekend for the ongoing Linux 6.6 merge window.
Last week was the main RISC-V updates for Linux 6.6 that included support for Kernel Control-Flow Integrity (KCFI), crash kernels can be allocated above the 4GiB mark, support for ELFs in non-MMU configurations, and other changes. Merged this weekend were some secondary updates ready for this kernel version.
Most notable with these secondary updates is the RISC-V Linux kernel now supporting Kernel Address Space Layout Randomization (KASLR) for better security. KASLR enables address space randomization for the running Linux kernel to help defeat attacks that rely upon knowing known positions within memory to make it much harder for predicting target addresses. KASLR has long been supported on other CPU architectures while now Linux 6.6 with RISC-V supports this worthwhile kernel security feature. The RISC-V KASLR support had undergone several revisions over the past few months while is now deemed ready with Linux 6.6.
In addition to RISC-V KASLR support, this pull also adds support for the V extension to ptrace(), support for the BPF prog pack allocator, dynamically probing for misaligned access speed, and support for non-coherent devices on systems using the Andes AX45MP core. More details on these last minute RISC-V updates ahead of the Linux 6.6-rc1 release later today can be found via this Git merge.
Last week was the main RISC-V updates for Linux 6.6 that included support for Kernel Control-Flow Integrity (KCFI), crash kernels can be allocated above the 4GiB mark, support for ELFs in non-MMU configurations, and other changes. Merged this weekend were some secondary updates ready for this kernel version.
Most notable with these secondary updates is the RISC-V Linux kernel now supporting Kernel Address Space Layout Randomization (KASLR) for better security. KASLR enables address space randomization for the running Linux kernel to help defeat attacks that rely upon knowing known positions within memory to make it much harder for predicting target addresses. KASLR has long been supported on other CPU architectures while now Linux 6.6 with RISC-V supports this worthwhile kernel security feature. The RISC-V KASLR support had undergone several revisions over the past few months while is now deemed ready with Linux 6.6.
In addition to RISC-V KASLR support, this pull also adds support for the V extension to ptrace(), support for the BPF prog pack allocator, dynamically probing for misaligned access speed, and support for non-coherent devices on systems using the Andes AX45MP core. More details on these last minute RISC-V updates ahead of the Linux 6.6-rc1 release later today can be found via this Git merge.
Add A Comment