The randomisation patch series introduces infrastructure and functionality that causes certain parts of a process' virtual address space to be different for each invocation of the process. The purpose of this is to raise the bar on buffer overflow exploits; full randomisation makes it not possible to use absolute addresses in the exploit.
I think it is worth mentioning that this is part of PaX ASLR, but with some changes and simplification.
I have some questions about the changes:
for RANDMMAP why doing randomization in mmap_base() and not in arch_pick_mmap_layout? You miss a whole case here where legacy layout is used.
-- Julien TINNES - & france telecom - R&D Division/MAPS/NSS Research Engineer - Internet/Intranet Security GPG: C050 EF1A 2919 FD87 57C4 DEDD E778 A9F0 14B9 C7D6 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
