The randomisation patch series introduces infrastructure and functionality that causes certain parts of a process' virtual address space to be different for each invocation of the process. The purpose of this is to raise the bar on buffer overflow exploits; full randomisation makes it not possible to use absolute addresses in the exploit.
This first series only does a partial randomisation, future series will randomize other parts of the virtual address space as well. 01-sysctl-A0 - introduce a sysctl to enable/disable 02-randomize-infrastructure - infrastructure helpers 03-PF_RANDOMIZE - per process flag to enable/disable 04-stack - start randomizing the stack pointer 05-mmap - start randomizing mmap addresses 06-default-enable - enable randomisation by default (for -mm testing only) This series does NOT randomize the brk() area and does not yet add support for PIE binaries. This I will leave to a next series; this one should first settle down. Signed-off-by: Arjan van de Ven <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
