Linux Kernel Address Space Layout Randomization "KASLR" For RISC-V

Written by Michael Larabel in RISC-V on 16 February 2023 at 07:27 AM EST. Add A Comment
While there has been much work on the Linux kernel's RISC-V CPU architecture support, a feature not tackled until now has been the Kernel Address Space Layout Randomization (KASLR) support for randomizing the kernel mapping to enhance system security.

KASLR allows for address space randomization of the running Linux kernel. This is a beneficial security enhancement especially when challenged by other attacks that can potentially leak kernel addresses and then defeating further exploits that rely upon known offsets/locations from within kernel memory. More broadly there has also been FGKASLR for finer-grained KASLR that can randomize address space randomization down to the function level but sadly that work seems to still be stalled for the past year.

RISC-V board

Sent out on Wednesday were four kernel patches for wiring up KASLR support for the RISC-V architecture.
The following KASLR implementation allows to randomize the kernel mapping:

- virtually: we expect the bootloader to provide a seed in the device-tree
- physically: only implemented in the EFI stub, it relies on the firmware to provide a seed using EFI_RNG_PROTOCOL. arm64 has a similar implementation hence the patch 3 factorizes KASLR related functions for riscv to take advantage.

The new virtual kernel location is limited by the early page table that only has one PUD and with the PMD alignment constraint, the kernel can only take < 512 positions.

These RISC-V KASLR patches come from an engineer at Rivos, a stealth-mode start-up. The patches do depend upon other outstanding RISC-V kernel patches but hopefully we'll see this security improvement readied for mainline in the near future.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week