1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 15:47:44 +00:00

Base: Add KASLR to Mitigations(7)

This commit is contained in:
Idan Horowitz 2022-03-22 20:15:29 +02:00
parent b880b64446
commit d6eeb05bf9

View file

@ -326,6 +326,22 @@ Date: Tue Aug 31 16:08:11 2021 +0200
Build: Pass "-z separate-code" to linker
```
### KASLR (Kernel Address Space Layout Randomization)
The location of the kernel code is randomized at boot time, this ensures that attackers
can not use a hardcoded kernel addresses when attempting ROP, instead they must first find
an additional information leak to expose the KASLR offset.
It was first enabled in the following [commit](https://github.com/SerenityOS/serenity/commit/ece5a9a1088012ca9fadfb7e0bc3edd8029d36ad):
```
commit ece5a9a1088012ca9fadfb7e0bc3edd8029d36ad
Author Idan Horowitz <idan.horowitz@gmail.com>
Date: Mon Mar 21 22:59:48 2022 +0200
Kernel: Add an extremely primitive version of KASLR
```
## See also
* [`unveil`(2)](help://man/2/unveil)