This repository was archived by the owner on Nov 19, 2021. It is now read-only.

Inaccurate readings randomize_layout [Linux Kernel] #48

@pwnosaur

The current implementation of Linux kernel debugging lacks support for kernel 4.13+ because of the randomize_layout security feature, which randomizes the location of struct members during the kernel compilation process; thus the offset of each element may vary, resulting in inaccurate readings.

More information about the feature here:
https://lwn.net/Articles/722293/

Note the randomized_struct_fields_start used in

Kernel 4.13+

struct task_struct 
{
#ifdef CONFIG_THREAD_INFO_IN_TASK
	struct thread_info		thread_info;
#endif
	volatile long			state;
	randomized_struct_fields_start
	void				*stack;
...

which was not yet implemented in previous kernel versions:

Kernel 4.12-

struct task_struct {
#ifdef CONFIG_THREAD_INFO_IN_TASK
	struct thread_info		thread_info;
#endif
	volatile long			state;
	void				*stack;
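
The effect described in the issue, as an added example that is not part of the original report or the project's code: a read through offsets hardcoded for the declared member order returns the wrong bytes on a shuffled build, while offsets parsed from a per-build layout dump do not. It assumes a layout dump in the style printed by `pahole -C task_struct vmlinux` is available for the target build; both layouts, their offsets and the memory image are constructed for illustration.

```python
import re

# Constructed pahole-style layouts (the shape `pahole -C task_struct vmlinux`
# prints); offsets are illustrative, not taken from real kernel builds.
LAYOUT_DECLARED = """
struct task_struct {
    struct thread_info         thread_info;          /*     0    16 */
    volatile long int          state;                /*    16     8 */
    void *                     stack;                /*    24     8 */
    atomic_t                   usage;                /*    32     4 */
    unsigned int               flags;                /*    36     4 */
};"""
LAYOUT_RANDOMIZED = """
struct task_struct {
    struct thread_info         thread_info;          /*     0    16 */
    volatile long int          state;                /*    16     8 */
    unsigned int               flags;                /*    24     4 */
    atomic_t                   usage;                /*    28     4 */
    void *                     stack;                /*    32     8 */
};"""
MEMBER_RE = re.compile(r"(\w+)(?:\[\d+\])?;\s*/\*\s*(\d+)\s+(\d+)\s*\*/")

def parse_layout(text):
    """Map member name -> (offset, size) for plain (non-bitfield) members."""
    return {m[1]: (int(m[2]), int(m[3])) for m in MEMBER_RE.finditer(text)}

def stale_members(assumed, actual):
    """Names whose offset in the target build differs from the assumed one."""
    return sorted(n for n, (off, _) in assumed.items()
                  if n in actual and actual[n][0] != off)

def build_image(layout, values):
    """Lay out constructed member values as the target build would in memory."""
    buf = bytearray(max(off + size for off, size in layout.values()))
    for name, value in values.items():
        off, size = layout[name]
        buf[off:off + size] = value.to_bytes(size, "little")
    return bytes(buf)

def read_member(image, layout, name):
    """Read one member from a raw struct image using the given layout."""
    off, size = layout[name]
    return int.from_bytes(image[off:off + size], "little")

DECLARED = parse_layout(LAYOUT_DECLARED)      # offsets a debugger hardcoded
RANDOMIZED = parse_layout(LAYOUT_RANDOMIZED)  # offsets of the running target
IMAGE = build_image(RANDOMIZED, {"stack": 0xFFFFC90000010000,
                                 "usage": 2, "flags": 0x400040})

if __name__ == "__main__":
    print("stale:", stale_members(DECLARED, RANDOMIZED))
    print("hardcoded read:", hex(read_member(IMAGE, DECLARED, "stack")))
    print("layout-aware read:", hex(read_member(IMAGE, RANDOMIZED, "stack")))
```

Members declared before `randomized_struct_fields_start` (`thread_info`, `state`) keep their offsets in both layouts, which is why only the later members are reported as stale.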
