When ELF notes reveal too much

Post Syndicated from corbet original https://lwn.net/Articles/962782/

The Linux kernel uses a number of hardening techniques to try to protect
itself against compromise; one of those is kernel address-space layout
randomization (KASLR). But randomization is of little benefit if the
kernel spills the beans on where its code has ended up. As it happens, the
kernel has been doing exactly that — since 2007, in a behavior that
predates the addition of KASLR. Some changes are in the
works to close that hole, but it is illustrative of just how hard some
secrets are to keep.