高技术通讯 (Chinese High Technology Letters), 2026, Vol. 36, Issue (1): 1-14, 14. DOI: 10.3772/j.issn.1002-0470.2026.01.001
A compilation-based method for controlling the address space layout of the Linux kernel
Abstract
With the emergence of control-flow hijacking techniques such as just-in-time return-oriented programming (JIT-ROP), kernel address space layout randomization (KASLR) faces severe challenges and is evolving towards finer granularity and continuous randomization. Existing methods are generally based on source code modifications or binary rewriting, which is inefficient and lacks flexibility. To address this issue, this paper designs a compilation-based address space layout control method (CAC). CAC introduces fixed entry points for functions in object files and, through compilation, generates object files that support function-level continuous randomization, featuring automation and flexible control. Experimental results show that CAC successfully compiles and loads over 1,700 kernel modules. Compared with existing methods, the object file generation for individual modules is more efficient, and the runtime randomization overhead of CAC-generated object files is reduced by at least 15.0%.
Key words
operating system kernel / control flow hijacking / kernel address space layout randomization / compile plugin
Cite this article
李润宽, 胡斌, 赵小芳, 史骁, 蒋德钧. A compilation-based method for controlling the address space layout of the Linux kernel [J]. 高技术通讯, 2026, 36(1): 1-14, 14.
Funding
Supported by the Innovation Project of the Institute of Computing Technology, Chinese Academy of Sciences (E361060).