RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 14:37:45 +00:00
Code Issues Activity Actions

Base: Add KASLR to Mitigations(7)

Browse source
This commit is contained in:
Idan Horowitz 2022-03-22 20:15:29 +02:00
parent b880b64446
commit d6eeb05bf9
1 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Base/usr/share/man/man7/Mitigations.md
View file

@ -326,6 +326,22 @@ Date: Tue Aug 31 16:08:11 2021 +0200
Build: Pass "-z separate-code" to linker
```
### KASLR (Kernel Address Space Layout Randomization)
The location of the kernel code is randomized at boot time, this ensures that attackers
can not use a hardcoded kernel addresses when attempting ROP, instead they must first find
an additional information leak to expose the KASLR offset.
It was first enabled in the following [commit](https://github.com/SerenityOS/serenity/commit/ece5a9a1088012ca9fadfb7e0bc3edd8029d36ad):
```
commit ece5a9a1088012ca9fadfb7e0bc3edd8029d36ad
Author Idan Horowitz <idan.horowitz@gmail.com>
Date: Mon Mar 21 22:59:48 2022 +0200
Kernel: Add an extremely primitive version of KASLR
```
## See also
* [`unveil`(2)](help://man/2/unveil)