[Pal/Linux] Disable host-level ASLR in PAL Linux

gramineproject / graphene

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support

https://grapheneproject.io

GNU Lesser General Public License v3.0

771 stars 260 forks source link

[Pal/Linux] Disable host-level ASLR in PAL Linux #2597

Closed boryspoplawski closed 3 years ago

boryspoplawski commented 3 years ago

Description of the changes

Graphene fork() emulation does fork()+execve() on the host system which effectively remats PAL executable to a new address if ASLR is on. The new location could collide with other mappings that are later on sent to the child process via checkpointing mechanism (user mapped regions).

This change is

boryspoplawski commented 3 years ago

Superseded by https://github.com/gramineproject/gramine/pull/89