Add Shawn Webb <shawn.webb@hardenedbsd.org>'s ASLR report.

This commit is contained in:
Warren Block 2015-07-14 17:15:40 +00:00
parent 541fa42438
commit 5f94814b76
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=46975


@ -1356,4 +1356,119 @@
</task>
</help>
</project>
<project cat='proj'>
<title>Address Space Layout Randomization (ASLR)</title>
<contact>
<person>
<name>
<given>Shawn</given>
<common>Webb</common>
</name>
<email>shawn.webb@hardenedbsd.org</email>
</person>
<person>
<name>
<given>Oliver</given>
<common>Pinter</common>
</name>
<email>oliver.pinter@hardenedbsd.org</email>
</person>
<person>
<name>HardenedBSD</name>
<email>core@hardenedbsd.org</email>
</person>
</contact>
<links>
<url href="https://hardenedbsd.org/">HardenedBSD</url>
<url href="https://hardenedbsd.org/article/shawn-webb/2015-06-30/introducing-true-stack-randomization">True Stack Randomization</url>
<url href="https://hardenedbsd.org/article/shawn-webb/2015-07-06/announcing-aslr-completion">Announcing ASLR Completion</url>
<url href="https://hardenedbsd.org/article/shawn-webb/2015-07-11/call-donations">Call for Donations</url>
<url href="https://www.soldierx.com/">SoldierX</url>
</links>
<body>
<p>HardenedBSD is a downstream distribution of &os; aimed at
implementing exploit mitigation and security technologies.
The HardenedBSD development team has focused on several key
features, one being Address Space Layout Randomization (ASLR).
ASLR is a computer security technique that aids in mitigating
low-level vulnerabilities such as buffer overflows. ASLR
randomizes the memory layout of running applications to
prevent an attacker from knowing where a given vulnerability
lies in memory.</p>
<p>This last quarter, the HardenedBSD team has finalized the
core implementation of ASLR. We implemented true stack
randomization along with a random stack gap. This change
allows us to apply 42 bits of entropy to the stack, the
highest of any operating system. We bumped the
<tt>hardening.pax.aslr.stack_len</tt> <tt>sysctl(8)</tt> to 42
by default on amd64.</p>
<p>We also now randomize the Virtual Dynamic Shared Object
(VDSO). The VDSO is one or more pages of memory shared
between the kernel and the userland. On amd64, it contains
the signal trampoline and timing code
(<tt>gettimeofday(4)</tt>, for example).</p>
<p>With these two changes, the ASLR implementation is now
complete. There are still tasks to work on, however. We need
to update our documentation and enhance a few pieces of code.
Our ASLR implementation is in use in production by HardenedBSD
and is performing robustly.</p>
<p>Additionally, we are currently running a fundraiser to help
us establish a not-for-profit organization and for hardware
updates. We have received a lot of help from the community
and we greatly appreciate the help. We need further help
to take the project to the next level. We look forward to
working with the &os; project in providing excellent
security.</p>
</body>
<sponsor>
SoldierX
</sponsor>
<help>
<task>
<p>Update the <tt>aslr(4)</tt> manpage and the wiki
page.</p>
</task>
<task>
<p>Improve the Shared Object load order feature with Michael
Zandi's improvements.</p>
</task>
<task>
<p>Re-port the ASLR work to vanilla &os;. Include the
custom work requested by &os; developers.</p>
</task>
<task>
<p>Close the existing review on Phabricator.</p>
</task>
<task>
<p>Open multiple smaller reviews for pieces of the ASLR
patch that can be split out logically.</p>
</task>
<task>
<p>Perform a special backport to HardenedBSD 10-STABLE for
OPNSense to pull in.</p>
</task>
<task>
<p><tt>golang</tt> segfaults in HardenedBSD. Help would be
nice in debugging.</p>
</task>
</help>
</project>
</report>
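Review bot: In the VDSO paragraph, "<tt>gettimeofday(4)</tt>" cites the wrong manual section. gettimeofday is a system call documented in section 2, so this should read gettimeofday(2). In the stack randomization paragraph, "the highest of any operating system" is stated without a reference; cite a source for the comparison or drop the superlative, and keep the measurable part (42 bits, hardening.pax.aslr.stack_len defaulting to 42 on amd64). The opening paragraph says ASLR prevents an attacker from knowing "where a given vulnerability lies in memory"; what is randomized is the location of the code and data an exploit relies on, so the sentence would be more accurate worded that way. In the help tasks, "OPNSense" should be spelled "OPNsense".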