Project

General

Profile

Feature #7030

want basic address space layout randomization (ASLR)

Added by Rich Lowe about 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
kernel
Start date:
2016-06-02
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

We should implement a security-flag (see #7029) which implements basic randomization of the heap, stack, and mapping base addresses. executable text randomization will require Position Independent Executables (PIE), which would be a future project.

In addition to the security-flag infrastructure, basic compatibly with Solaris is achievable via implementing the -z aslr flag to ld(1), to set the DT_SUNW_ASLR dynamic tag, which indicates a processes disposition to ASLR (if 1, always aslr, if 0, never aslr, if unset, default). This allows processes which are known to be negatively impacted by aslr to forbid it (should the security-flags configuration mandate aslr, these process will thus not run, however)


Related issues

Related to illumos gate - Feature #7029: want per-process exploit mitigation features (secflags)Closed2016-06-02

Actions

History

#1

Updated by Electric Monk over 3 years ago

  • Status changed from New to Closed
  • % Done changed from 70 to 100

git commit d2a70789f056fc6c9ce3ab047b52126d80b0e3da

commit  d2a70789f056fc6c9ce3ab047b52126d80b0e3da
Author: Richard Lowe <richlowe@richlowe.net>
Date:   2016-10-15T16:02:16.000Z

    7029 want per-process exploit mitigation features (secflags)
    7030 want basic address space layout randomization (ASLR)
    7031 noexec_user_stack should be a security-flag
    7032 want a means to forbid mappings around NULL
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
    Reviewed by: Patrick Mooney <pmooney@joyent.com>
    Approved by: Dan McDonald <danmcd@omniti.com>

#2

Updated by Joshua M. Clulow about 1 year ago

  • Related to Feature #7029: want per-process exploit mitigation features (secflags) added

Also available in: Atom PDF