Run-time address space randomization effect on System.map

Question

System.map file in Linux is generatied after OS is built. I am wondering whether using a "run-time" address randomization technique would make the addresses within system.map invalid.

Answer 1

There is not (yet), at least not fully. Only the base address for the kernel code segment is randomizable.

See this LWN article for details / more references.

The method mentioned there basically adds a constant (chosen randomly at boot time) to the kernel code segment load address; this means relative offsets in System.map stay valid, if you've got the real address for a single symbol you can derive all others.