* Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:

> No. It is the firmware's EFI code, and the virtual translation applied by the OS
> is made known to the firmware by means of a call into the runtime service
> SetVirtualAddressMap(). This service can only be called once after each boot,
> and so kexec kernels are forced to use the same VA mapping for runtime services
> as the first kernel. This is the whole point of having a VA region reserved for
> this, so that kexec kernels are guaranteed to be able to use the same VA
> mapping.

Yes, but it's the kernel's EFI code that determines the area! So my suggestion:

> > Preserving virtual addresses for kexec is a red herring: the randomized offset
> > could be passed to the kexec-ed kernel just fine.

Would solve the kexec problem, right?

I.e. the first kernel that boots randomizes the address range - and passes that
offset off to any subsequent kernels.

Turning KASLR off actively degrades that randomization of the kernel virtual
addresses.

Am I missing anything?

Thanks,

	Ingo