Page MenuHomeFreeBSD

Update ASLR stack sysctl description in security.7 and mitigations.7
ClosedPublic

Authored by emaste on Oct 24 2023, 10:10 PM.
Tags
None
Referenced Files
F107327637: D42357.id.diff
Sun, Jan 12, 1:38 PM
Unknown Object (File)
Tue, Dec 17, 8:35 PM
Unknown Object (File)
Nov 25 2024, 4:49 PM
Unknown Object (File)
Nov 13 2024, 10:14 PM
Unknown Object (File)
Nov 13 2024, 8:38 PM
Unknown Object (File)
Nov 12 2024, 4:52 AM
Unknown Object (File)
Nov 3 2024, 11:03 AM
Unknown Object (File)
Oct 8 2024, 6:37 AM
Subscribers

Details

Summary
In an earlier implementation the stack was randomized when the enable
sysctl was set, and ASLR was enabled (in general) for the binary.  In
the current implementation the sysctl operates independently.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste created this revision.
This revision is now accepted and ready to land.Oct 24 2023, 10:12 PM

It looks like this was changed with 1811c1e957ee1250b08b3246fc0db37ddf64b736, although that still has

+.It Dv kern.elf32.aslr.stack
+If ASLR is enabled for a binary, a non-zero value enables randomization
+of the stack.
+Otherwise, the stack is mapped at a fixed location determined by the
+process ABI.