bhyve could use ASLR
# psecflags `pgrep -n bhyve` 11640: /usr/sbin/bhyve -U 15d75ebd-b708-c0ef-eaa1-8670b7ce8a40 -H -B 1,manufa E: none I: none L: none U: aslr,forbidnullmap,noexecstack
For additional protection, bhyve should employ the ASLR security flag.
Updated by Andy Fiddaman 8 months ago
I've tested this on OmniOS bloody using a range of bhyve guests (illumos, Windows, Linux, FreeBSD) in a variety of configurations including PCI passthrough and VNC framebuffer.
bloody# ptree -z bhyvetest 23710 zsched 24162 bhyve-bhyvetest -k /etc/bhyve.cfg bloody# psecflags 24162 24162: bhyve-bhyvetest -k /etc/bhyve.cfg E: aslr I: none L: none U: aslr,forbidnullmap,noexecstack
Updated by Electric Monk 8 months ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
commit 90d74ed67b4bac801bf06d75825d9a9e4bd458d0 Author: Andy Fiddaman <email@example.com> Date: 2021-05-24T18:14:16.000Z 13786 bhyve could use ASLR Reviewed by: Robert Mustacchi <firstname.lastname@example.org> Reviewed by: Patrick Mooney <email@example.com> Approved by: Dan McDonald <firstname.lastname@example.org>