[dpdk-dev] Question about ASLR
Matt Laswell
laswell at infiniteio.com
Fri Sep 5 20:57:04 CEST 2014
Hey Folks,
A colleague noticed warnings in section 23.3 of the programmer's guide
about the use of address space layout randomization with multiprocess DPDK
applications. And, upon inspection, it appears that ASLR is enabled on our
target systems. We've never seen a problem that we could trace back to
ASLR, and we've never see a warning during EAL memory initialiization,
either, which is strange.
Given the choice, we would prefer to keep ASLR for security reasons. Given
that in our problem domain:
- We are running a multiprocess DPDK application
- We run only one DPDK application, which is a single compiled binary
- We have exactly one process running per logical core
- We're OK with interrupts coming just to the primary
- We handle interaction from our control plane via a separate shared
memory space
Is it OK in this circumstance to leave ASLR enabled? I think it probably
is, but would love to hear reasons why not and/or pitfalls that we need to
avoid.
Thanks in advance.
--
Matt Laswell
*infinite io*
More information about the dev
mailing list