Discover Security Projects News
RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR
More RISC-V architecture updates were merged this weekend for the ongoing Linux 6.6 merge window.
Last week was the main RISC-V updates for Linux 6.6 that included support for Kernel Control-Flow Integrity (KCFI), crash kernels can be allocated above the 4GiB mark, support for ELFs in non-MMU configurations, and other changes. Merged this weekend were some secondary updates ready for this kernel version.
Most notable with these secondary updates is the RISC-V Linux kernel now supporting Kernel Address Space Layout Randomization (KASLR) for better security. KASLR enables address space randomization for the running Linux kernel to help defeat attacks that rely upon knowing known positions within memory to make it much harder for predicting target addresses. KASLR has long been supported on other CPU architectures while now Linux 6.6 with RISC-V supports this worthwhile kernel security feature. The RISC-V KASLR support had undergone several revisions over the past few months while is now deemed ready with Linux 6.6.