Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: src/sys
Module Name: src
Committed By: christos
Date: Wed Dec 26 22:11:54 UTC 2007
Modified Files:
src/sys/conf: files
src/sys/kern: exec_elf32.c exec_subr.c init_sysctl.c kern_exec.c
kern_pax.c kern_sig.c
src/sys/sys: exec.h exec_elf.h pax.h proc.h
src/sys/uvm: uvm_extern.h uvm_mmap.c
Log Message:
Add PaX ASLR (Address Space Layout Randomization) [from elad and myself]
For regular (non PIE) executables randomization is enabled for:
1. The data segment
2. The stack
For PIE executables(*) randomization is enabled for:
1. The program itself
2. All shared libraries
3. The data segment
4. The stack
(*) To generate a PIE executable:
- compile everything with -fPIC
- link with -shared-libgcc -Wl,-pie
This feature is experimental, and might change. To use selectively add
options PAX_ASLR=0
in your kernel.
Currently we are using 12 bits for the stack, program, and data segment and
16 or 24 bits for mmap, depending on __LP64__.
To generate a diff of this commit:
cvs rdiff -r1.878 -r1.879 src/sys/conf/files
cvs rdiff -r1.127 -r1.128 src/sys/kern/exec_elf32.c
cvs rdiff -r1.56 -r1.57 src/sys/kern/exec_subr.c
cvs rdiff -r1.115 -r1.116 src/sys/kern/init_sysctl.c
cvs rdiff -r1.259 -r1.260 src/sys/kern/kern_exec.c
cvs rdiff -r1.17 -r1.18 src/sys/kern/kern_pax.c
cvs rdiff -r1.262 -r1.263 src/sys/kern/kern_sig.c
cvs rdiff -r1.118 -r1.119 src/sys/sys/exec.h
cvs rdiff -r1.93 -r1.94 src/sys/sys/exec_elf.h
cvs rdiff -r1.9 -r1.10 src/sys/sys/pax.h
cvs rdiff -r1.265 -r1.266 src/sys/sys/proc.h
cvs rdiff -r1.141 -r1.142 src/sys/uvm/uvm_extern.h
cvs rdiff -r1.119 -r1.120 src/sys/uvm/uvm_mmap.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index