From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pd0-f176.google.com (mail-pd0-f176.google.com [209.85.192.176]) by dpdk.org (Postfix) with ESMTP id 381E7B373 for ; Fri, 5 Sep 2014 20:52:19 +0200 (CEST) Received: by mail-pd0-f176.google.com with SMTP id w10so6940160pde.21 for ; Fri, 05 Sep 2014 11:57:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=iX1UjY2mmJ3qD+3xKLjY3+azg2oZGDWM/6/Ay7Alw1U=; b=mxvQuNnalh0zpNLg4Mp+foibaIaBagqF33zZ2Zt/5sbGAmjiq5qEvDfHkaE7Khuqif eE3oltwdihqvLVsHFNbAnE97O6vfKmbm+aIx2RYGLMJFothci6fiVxCbA4toYKN1XMj9 6QjIShNzjuQIOEDrd7vdf4kTZddncg2Mm9gLwfOWBGe53V66NWSM6C6gFHYPM3wY9OMe w9PItNlyTaBvN/gDDjkNjRIqHbuMwQoyGCdCxMbBJUZpX7YWsYeqOwI5v339lOD5SLUN ialXNwH1sLIzayOm1+L/cUMuwm1ESK+T/uXS8UwZlKCbWSLGEj7iSlgLz+1lp/AEiM+p SfCw== X-Gm-Message-State: ALoCoQnscY4pZ85r2k+jV9n2+DuSBjawApmLqFL4r2vq9fT6rDz1oboJ0P3F2qj56/xQHwvpoPcr MIME-Version: 1.0 X-Received: by 10.66.243.208 with SMTP id xa16mr23815200pac.41.1409943424993; Fri, 05 Sep 2014 11:57:04 -0700 (PDT) Received: by 10.70.30.36 with HTTP; Fri, 5 Sep 2014 11:57:04 -0700 (PDT) Date: Fri, 5 Sep 2014 13:57:04 -0500 Message-ID: From: Matt Laswell To: "dev@dpdk.org" Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.15 Subject: [dpdk-dev] Question about ASLR X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2014 18:52:19 -0000 Hey Folks, A colleague noticed warnings in section 23.3 of the programmer's guide about the use of address space layout randomization with multiprocess DPDK applications. And, upon inspection, it appears that ASLR is enabled on our target systems. We've never seen a problem that we could trace back to ASLR, and we've never see a warning during EAL memory initialiization, either, which is strange. Given the choice, we would prefer to keep ASLR for security reasons. Given that in our problem domain: - We are running a multiprocess DPDK application - We run only one DPDK application, which is a single compiled binary - We have exactly one process running per logical core - We're OK with interrupts coming just to the primary - We handle interaction from our control plane via a separate shared memory space Is it OK in this circumstance to leave ASLR enabled? I think it probably is, but would love to hear reasons why not and/or pitfalls that we need to avoid. Thanks in advance. -- Matt Laswell *infinite io*