Marco Gisbert, Hector (Recipient) & Ripoll, Ismael (Recipient)
Prize: National/international honour
Description
Google rewarded us for the AMD Bulldozer ASLR security contribution to the Linux kernel.
This problem was identified by AMD in 2012 in a white paper called "Shared Level-1 instruction-cache performance on AMD family 15h CPUs" [pdf]. In this paper, they proposed five solutions and workarounds. Unfortunately, the final patch that they proposed and implemented in the Linux kernel reduced the entropy of the ASLR (on AMD 15h family) by 87.5%.
We have been rewarded by the novel bit-slicing ASLR randomization form which is one of the new elements of the ASLR-NG for Linux we are working on.