On Tue, Mar 27, 2018 at 03:53:53PM -0700, Kees Cook wrote:
> I agree: pushing this off to libc leaves a lot of things unprotected.
> I think this should live in the kernel. The question I have is about
> making it maintainable/readable/etc.
>
> The state-of-the-art for ASLR is moving to finer granularity (over
> just base-address offset), so I'd really like to see this supported in
> the kernel. We'll be getting there for other things in the future, and
> I'd like to have a working production example for researchers to
> study, etc.

One thing we need is to limit the fragmentation of this approach.
Even on 64-bit systems, we can easily get into a situation where there isn't
space to map a contiguous terabyte.
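Added illustration, not part of the original message or of the patch under discussion: a small simulation of the fragmentation concern raised above. It assumes a 47-bit user address space, 4 KiB pages, and one-page mappings placed uniformly at random (all assumptions of this example, as are the function names), and reports the largest contiguous free run that remains.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed for this example: 47-bit user address space, 4 KiB pages. */
#define USER_PAGES (1ULL << (47 - 12))   /* 128 TiB expressed in pages */
#define TIB_PAGES  (1ULL << (40 - 12))   /* 1 TiB expressed in pages */

/* splitmix64: tiny deterministic PRNG so every run is reproducible. */
static uint64_t next_rand(uint64_t *s) {
    uint64_t z = (*s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Place n one-page mappings at uniformly random page numbers and
 * return the largest contiguous free run, in pages. */
uint64_t largest_gap_pages(size_t n, uint64_t seed) {
    if (n == 0) return USER_PAGES;
    uint64_t *pg = malloc(n * sizeof *pg);
    if (!pg) return 0;
    for (size_t i = 0; i < n; i++)
        pg[i] = next_rand(&seed) & (USER_PAGES - 1); /* power-of-two mask */
    qsort(pg, n, sizeof *pg, cmp_u64);
    uint64_t best = pg[0];                    /* free pages below the first mapping */
    for (size_t i = 1; i < n; i++)            /* free pages between neighbours */
        if (pg[i] > pg[i - 1] && pg[i] - pg[i - 1] - 1 > best)
            best = pg[i] - pg[i - 1] - 1;
    uint64_t tail = USER_PAGES - 1 - pg[n - 1]; /* free pages above the last one */
    if (tail > best) best = tail;
    free(pg);
    return best;
}

int main(void) {
    size_t sizes[] = {16, 256, 4096, 65536};
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        uint64_t gap = largest_gap_pages(sizes[i], 1);
        printf("%6zu mappings: largest free run %.3f TiB\n",
               sizes[i], (double)gap / (double)TIB_PAGES);
    }
    return 0;
}
```

Under these assumptions the expected largest free run shrinks roughly as (128 TiB / n) · ln n, so a few thousand randomly placed mappings are enough to leave no contiguous terabyte.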