From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <laswell@infiniteio.com>
Received: from mail-pd0-f176.google.com (mail-pd0-f176.google.com
 [209.85.192.176]) by dpdk.org (Postfix) with ESMTP id 381E7B373
 for <dev@dpdk.org>; Fri,  5 Sep 2014 20:52:19 +0200 (CEST)
Received: by mail-pd0-f176.google.com with SMTP id w10so6940160pde.21
 for <dev@dpdk.org>; Fri, 05 Sep 2014 11:57:05 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:date:message-id:subject:from:to
 :content-type;
 bh=iX1UjY2mmJ3qD+3xKLjY3+azg2oZGDWM/6/Ay7Alw1U=;
 b=mxvQuNnalh0zpNLg4Mp+foibaIaBagqF33zZ2Zt/5sbGAmjiq5qEvDfHkaE7Khuqif
 eE3oltwdihqvLVsHFNbAnE97O6vfKmbm+aIx2RYGLMJFothci6fiVxCbA4toYKN1XMj9
 6QjIShNzjuQIOEDrd7vdf4kTZddncg2Mm9gLwfOWBGe53V66NWSM6C6gFHYPM3wY9OMe
 w9PItNlyTaBvN/gDDjkNjRIqHbuMwQoyGCdCxMbBJUZpX7YWsYeqOwI5v339lOD5SLUN
 ialXNwH1sLIzayOm1+L/cUMuwm1ESK+T/uXS8UwZlKCbWSLGEj7iSlgLz+1lp/AEiM+p
 SfCw==
X-Gm-Message-State: ALoCoQnscY4pZ85r2k+jV9n2+DuSBjawApmLqFL4r2vq9fT6rDz1oboJ0P3F2qj56/xQHwvpoPcr
MIME-Version: 1.0
X-Received: by 10.66.243.208 with SMTP id xa16mr23815200pac.41.1409943424993; 
 Fri, 05 Sep 2014 11:57:04 -0700 (PDT)
Received: by 10.70.30.36 with HTTP; Fri, 5 Sep 2014 11:57:04 -0700 (PDT)
Date: Fri, 5 Sep 2014 13:57:04 -0500
Message-ID: <CA+GnqAoy+jAB5RC5BPfmF6GOJmB6Pe_do5ePXzmKcPpxRC=fRA@mail.gmail.com>
From: Matt Laswell <laswell@infiniteio.com>
To: "dev@dpdk.org" <dev@dpdk.org>
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: [dpdk-dev] Question about ASLR
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Sep 2014 18:52:19 -0000

Hey Folks,

A colleague noticed warnings in section 23.3 of the programmer's guide
about the use of address space layout randomization with multiprocess DPDK
applications.  And, upon inspection, it appears that ASLR is enabled on our
target systems.  We've never seen a problem that we could trace back to
ASLR, and we've never see a warning during EAL memory initialiization,
either, which is strange.

Given the choice, we would prefer to keep ASLR for security reasons.  Given
that in our problem domain:
   - We are running a multiprocess DPDK application
   - We run only one DPDK application, which is a single compiled binary
   - We have exactly one process running per logical core
   - We're OK with interrupts coming just to the primary
   - We handle interaction from our control plane via a separate shared
memory space

Is it OK in this circumstance to leave ASLR enabled?  I think it probably
is, but would love to hear reasons why not and/or pitfalls that we need to
avoid.

Thanks in advance.

--
Matt Laswell
*infinite io*