Diff for /wikisrc/security/kaslr.mdwn between versions 1.4 and 1.5

version 1.4, 2018/12/29 09:43:04 version 1.5, 2020/02/14 06:37:24
Line 16  Obtain a GENERIC_KASLR kernel. Such a ke Line 16  Obtain a GENERIC_KASLR kernel. Such a ke
 the NetBSD FTP server, for example on:  the NetBSD FTP server, for example on:
   
 [[!template id=programlisting text="""  [[!template id=programlisting text="""
 https://nycdn.netbsd.org/pub/NetBSD-daily/HEAD/201812280800Z/amd64/binary/kernel/netbsd-GENERIC_KASLR.gz  https://cdn.netbsd.org/pub/NetBSD/NetBSD-9.0_RC2/amd64/binary/kernel/netbsd-GENERIC_KASLR.gz
 """]]  """]]
   
 Or compiled from scratch, using:  Or compiled from scratch, using:
Line 26  Or compiled from scratch, using: Line 26  Or compiled from scratch, using:
 # ./build.sh kernel=GENERIC_KASLR  # ./build.sh kernel=GENERIC_KASLR
 """]]  """]]
   
 Install this KASLR kernel:  Extract this KASLR kernel, and install it:
   
 [[!template id=programlisting text="""  [[!template id=programlisting text="""
 # cp /path/to/your/kaslr/kernel /netbsd_kaslr  # cp /path/to/your/kaslr/kernel /netbsd_kaslr
Line 49  time. That's it! You are now using Kerne Line 49  time. That's it! You are now using Kerne
 Technical Details  Technical Details
 -----------------  -----------------
   
 Kernel ASLR is applied by default in GENERIC on as many VM areas as possible.  "Kernel ASLR" means randomizing the location of the kernel memory areas.
 GENERIC_KASLR provides randomization of one more area: the Kernel Image.  By default, in GENERIC, all areas are already randomized except one: the
   Kernel Image.
   
   The GENERIC_KASLR configuration provides randomization of this additional
   area.
   
   Therefore, it should be understood that GENERIC actually provides 80% of
   KASLR, and GENERIC_KASLR covers the remaining 20%.
   
 Table of what gets randomized:  Table of what gets randomized:
   

Removed from v.1.4  
changed lines
  Added in v.1.5


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb