On OPNsense's 16.7 roadmap is HardenedBSD's ASLR code. This commit
separates out the ASLR code from the rest of our exploit mitigation
and system hardening code.
Testing and verification still need to be performed. Initial testing
(compile + boot + `procstat -v PIDofPIEapplication) has been
performed. More thorough testing should occur.
Shared object load order randomization in the RTLD is not included in
this patch. That will be discussed with the fine folks at OPNsense at
a later time.
On i386, the stack isn't randomized enough to provide enough space for
the VDSO to be randomized. Bump the stack randomization up to 14 for
32bit systems and lower the VDSO randomization to 8. This provides
enough of a difference between the two to allow for both stack and
VDSO randomization.
Note that ASLR on 32bit systems is still rather weak. Not much entropy
can be introduced into the stack and VDSO. Brute forcing the stack and
VDSO is well within the realm of possibility. Users are strongly
advised to migrate to 64bit systems.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
On OPNsense's 16.7 roadmap is HardenedBSD's ASLR code. This commit
separates out the ASLR code from the rest of our exploit mitigation
and system hardening code.
Testing and verification still need to be performed. Initial testing
(compile + boot + `procstat -v PIDofPIEapplication) has been
performed. More thorough testing should occur.
Shared object load order randomization in the RTLD is not included in
this patch. That will be discussed with the fine folks at OPNsense at
a later time.
Since OPNsense is based on FreeBSD 10.x, this patch will need to be
backported to 10-STABLE. However, a "horizontal port" to 11-CURRENT,
which is what this commit is, needed to be done first.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
