TODO.kaslr revision 1.1 
1====== POINTER LEAKS ======
2
3-- Change the permissions of /dev/ksyms, as discussed in:
4       http://mail-index.netbsd.org/tech-kern/2018/01/17/msg022960.html
5
6-- The address of a non-public section is leaked because of Meltdown,
7   "jmp handler". This can easily be fixed by pushing the handlers into
8   their own section.
9
10-- Replace the "%p" fmt by something relative to the kernel section (if
11   any). Eg, from
12       printf("%p", &some_global_var); --> "0xffffffffe38010f0"
13   to
14       printf("%p", &some_global_var); --> ".data.4:0x8010f0"
15   This eases debugging and also prevents leaks if a driver prints
16   kernel addresses as debug (I've seen that already).
17
18-- PPPoE sends a kernel address as host unique. (What is this shit.)
19
20-- "netstat -nat" leaks kernel addresses.
21
22-- Investigate some other tools.
23
24-- Be careful with dmesg.
25
26====== RANDOMIZATION ======
27
28-- Randomize the PTE space.
29
30-- Randomize the kernel main memory (VM_MIN_KERNEL_ADDRESS).
31
32-- Randomize the direct map.
33
34-- Randomize the PCPU area.
35
36====== GENERAL ======
37
38-- Sort the kernel sections by size, from largest to smallest, to save
39   memory.
40
41-- Add the "pkboot" command in the EFI bootloader.
42