by tedunangst
2618 days ago
The typical approach of sliding the kernel around only offers limited benefit. One leaked address and you're done. The current approach, called KARL, relinks the kernel so that while it may load at the same address, symbols internally do not have the same offset. Learning the address of printf will not reveal the address of malloc and so forth. In the context of kernel defense, I would argue this is more effective. Also, simply as a practical matter, the bootloader and kernel are tightly coupled in ways that make altering the load address a nontrivial endeavor.