Kernel Address Space Layout Randomization (KASLR)
Provides address randomization for kernel text, heap, stack, and module load addresses. Uses architecture-specific hardware entropy sources (RDRAND on x86_64, RNDR on AArch64) with an xorshift64 PRNG fallback for RISC-V and other architectures.
Design
KASLR offsets are computed once during boot and stored in a global KaslrState protected by a RwLock. The state includes:
- text_offset: Randomized slide for kernel text/code
- heap_offset: Randomized base offset for the kernel heap
- stack_offset: Default per-thread stack randomization quantum
- module_base: Randomized base for driver/module loading
Runtime re-randomization can refresh offsets for long-running systems, though the kernel text offset is typically fixed at boot.
Entropy Sources
| Architecture | Primary Source | Fallback |
|---|---|---|
| x86_64 | RDRAND | xorshift64 (TSC seed) |
| AArch64 | RNDR | xorshift64 (CNTPCT seed) |
| RISC-V | N/A | xorshift64 (cycle seed) |
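The xorshift64 fallback and the compute-once, RwLock-protected KaslrState described above, as an added example that is not the module's own code. The alignment and range constants, the fixed replacement for a zero seed, and the `init`/`randomize_stack` signatures are assumptions.

```rust
use std::sync::RwLock;
// Assumed granularity and range constants (not taken from the module's docs).
const TEXT_ALIGN: u64 = 2 * 1024 * 1024; // 2 MiB large-page alignment
const TEXT_RANGE: u64 = 1 << 30;         // slide kernel text within 1 GiB
const STACK_ALIGN: u64 = 16;             // ABI stack alignment
const STACK_RANGE: u64 = 8 * 1024 * 1024; // up to 8 MiB of stack slide

/// xorshift64 fallback PRNG, used when RDRAND/RNDR is unavailable.
pub struct XorShift64(u64);
impl XorShift64 {
    /// xorshift64 with state 0 emits 0 forever, so a zero seed (e.g. a cycle
    /// counter read too early) is replaced by a fixed non-zero constant (assumed).
    pub fn new(seed: u64) -> Self {
        XorShift64(if seed == 0 { 0x9E37_79B9_7F4A_7C15 } else { seed })
    }
    pub fn next_u64(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        self.0 = x;
        x
    }
    /// Offset below `range`, rounded down to a multiple of `align` (a power of two).
    pub fn aligned_offset(&mut self, range: u64, align: u64) -> u64 {
        (self.next_u64() % range) & !(align - 1)
    }
}

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct KaslrState { pub text_offset: u64, pub heap_offset: u64, pub stack_offset: u64 }
static STATE: RwLock<Option<KaslrState>> = RwLock::new(None);
/// Compute the offsets once from the boot seed; later calls return the stored state.
pub fn init(seed: u64) -> KaslrState {
    let mut guard = STATE.write().unwrap();
    if let Some(s) = *guard { return s; }
    let mut rng = XorShift64::new(seed);
    let s = KaslrState {
        text_offset: rng.aligned_offset(TEXT_RANGE, TEXT_ALIGN),
        heap_offset: rng.aligned_offset(TEXT_RANGE, TEXT_ALIGN),
        stack_offset: rng.aligned_offset(STACK_RANGE, STACK_ALIGN),
    };
    *guard = Some(s);
    s
}

/// Randomize a thread's stack base by subtracting a random aligned offset.
pub fn randomize_stack(base: u64, rng: &mut XorShift64) -> u64 {
    base - rng.aligned_offset(STACK_RANGE, STACK_ALIGN)
}
```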
Structs
- KaslrState - Current KASLR offsets and PRNG state.
Functions
- get_heap_offset - Get the kernel heap base randomization offset.
- get_module_base - Get a randomized module/driver load base address.
- get_offsets - Get a snapshot of current KASLR offsets for diagnostics.
- get_text_offset - Get the kernel text randomization offset.
- init - Initialize the KASLR subsystem.
- is_active - Check if KASLR is initialized and active.
- randomize_stack - Randomize a thread’s stack base by subtracting a random offset.
- rerandomize - Re-randomize non-text KASLR offsets.
- rerandomize_count - Get the number of re-randomizations performed.