version 1.49, 2017/06/26 17:18:57 |
version 1.50, 2017/07/03 22:01:03 |
|
|
protection against address space discovery attacks. Implemented first by |
protection against address space discovery attacks. Implemented first by |
Damien Miller (<a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> 2004), Claudio Jeker (<a href="https://man.openbsd.org/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, 2015), Eric Faurot (<a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, 2016), |
Damien Miller (<a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> 2004), Claudio Jeker (<a href="https://man.openbsd.org/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, 2015), Eric Faurot (<a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, 2016), |
Rafael Zalamena (various, 2016), and others. |
Rafael Zalamena (various, 2016), and others. |
|
<li>The .o files of the kernel are relinked in random order from a link-kit, |
|
before every reboot. This provides substantial interior randomization in |
|
the kernel's text and data segments for layout and relative branches/calls. |
|
Basically a unique address space for each kernel boot, similar to the userland |
|
fork+exec model described above but for the kernel. Theo de Raadt, June 2017. |
</ul> |
</ul> |
|
|
<h3>Functions</h3> |
<h3>Functions</h3> |