On Sat, 23 May 2026 22:38:56 -0000, Lloyd wrote: > I'd like to understand the difference in threat model for running > reordering every boot vs once per host, at kernel installation time. > > What additional level of tangible mitigation does this provide?
Imagine someone find a remotely exploitable kernel bug. They cannot reliably use it due to the randomization on kernel install, so a crash is likely while they try to locate the offset of the vulnerable code. If the system reboots on crash with the same kernel, the attacker can continue right where they left off. If upon reboot the kernel is running with the symbols in different locations, the attacker has to start over from the beginning. At least that's my understanding... - todd
