Diff for /wikisrc/security/kaslr.mdwn between versions 1.1 and 1.3

version 1.1, 2018/08/02 17:24:41 version 1.3, 2018/12/06 17:46:56
Line 29  Or compiled from scratch, using: Line 29  Or compiled from scratch, using:
 Install this KASLR kernel:  Install this KASLR kernel:
   
 [[!template id=programlisting text="""  [[!template id=programlisting text="""
 # cp /path/to/your/kernel /netbsd_kaslr  # cp /path/to/your/kaslr/kernel /netbsd_kaslr
 """]]  """]]
   
 Finally, add the following line in the `/boot.cfg` file:  Finally, add the following line in the `/boot.cfg` file:
Line 44  Use Line 44  Use
 ---  ---
   
 To use KASLR, just choose the "Boot KASLR" option in the menu at boot  To use KASLR, just choose the "Boot KASLR" option in the menu at boot
 time. That's it!  time. That's it! You are now using Kernel ASLR.
   
   Technical Details
   -----------------
   
   Kernel ASLR is applied by default in GENERIC on as many VM areas as possible.
   GENERIC_KASLR provides randomization of one more area: the Kernel Image.
   
   Table of what gets randomized:
   
   [[!table data="""
   Memory Region           |GENERIC                |GENERIC_KASLR          |Xen dom0/domU
   Userland                |Yes                    |Yes                    |Yes
   PTE Area                |Yes                    |Yes                    |No
   Main Kernel Memory      |Yes                    |Yes                    |Yes
   Direct Map              |Yes                    |Yes                    |[Not Applicable]
   PCPU Area               |[Not Applicable]       |[Not Applicable]       |[Not Applicable]
   Kernel Image            |No                     |Yes                    |No
   """]]
   
 Technical Resources  Technical Resources
 -------------------  -------------------

Removed from v.1.1  
changed lines
  Added in v.1.3


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb