Component Type: kbuild config
Description: Randomize the address of the kernel image
Build project: Kconfig (Linux kconfig) (Path: arch\arm64\Kconfig )
Other views: file explorer
Component Type: kbuild config
Description: Randomize the address of the kernel image
More info: Randomizes the physical and virtual address at which the kernel image is loaded, as a security feature that deters exploit attempts relying on knowledge of the location of kernel internals. Entropy is generated using any coprocessor 0 registers available. The kernel will be offset by up to RANDOMIZE_BASE_MAX_OFFSET. If unsure, say N.
Build project: Kconfig (Linux kconfig) (Path: arch\mips\Kconfig )
Other views: file explorer
Component Type: kbuild config
Description: Randomize the address of the kernel image
More info: Randomizes the virtual address at which the kernel image is loaded, as a security feature that deters exploit attempts relying on knowledge of the location of kernel internals. If unsure, say Y.
Build project: Kconfig (Linux kconfig) (Path: arch\powerpc\Kconfig )
Other views: file explorer
Component Type: kbuild config
Description: Randomize the address of the kernel image (KASLR)
More info: In support of Kernel Address Space Layout Randomization (KASLR), this randomizes the address at which the kernel image is loaded, as a security feature that deters exploit attempts relying on knowledge of the location of kernel internals.
Build project: Kconfig (Linux kconfig) (Path: arch\s390\Kconfig )
Other views: file explorer
Component Type: kbuild config
Description: Randomize the address of the kernel image (KASLR)
More info: In support of Kernel Address Space Layout Randomization (KASLR), this randomizes the physical address at which the kernel image is decompressed and the virtual address where the kernel image is mapped, as a security feature that deters exploit attempts relying on knowledge of the location of kernel code internals. On 64-bit, the kernel physical and virtual addresses are randomized separately. The physical address will be anywhere between 16MB and the top of physical memory (up to 64TB). The virtual address will be randomized from 16MB up to 1GB (9 bits of entropy). Note that this also reduces the memory space available to kernel modules from 1.5GB to 1GB. On 32-bit, the kernel physical and virtual addresses are randomized together. They will be randomized from 16MB up to 512MB (8 bits of entropy). Entropy is generated using the RDRAND instruction if it is supported. If RDTSC is supported, its value is mixed into the entropy pool as well. If neither RDRAND nor RDTSC are supported, then entropy is read from the i8254 timer. The usable entropy is limited by the kernel being built using 2GB addressing, and that PHYSICAL_ALIGN must be at a minimum of 2MB. As a result, only 10 bits of entropy are theoretically possible, but the implementations are further limited due to memory layouts. If unsure, say Y.
Build project: Kconfig (Linux kconfig) (Path: arch\x86\Kconfig )
Other views: file explorer