[CFT] New Round of ASLR Patches

Shawn Webb lattera at gmail.com
Sun Jun 22 13:37:44 UTC 2014 

Hey All,

Attached is a new patch with the latest work regarding our ASLR
implementation. Here's what has changed since the last patch distributed
on 24 May 2014:

Shawn Webb:
Sat Jun 21 20:03:07 2014 -0400: PAX SEGVGUARD: Remove segvguard prior to
putting in a separate feature branch
Thu Jun 19 21:08:37 2014 -0400: PAX ASLR: More style(9) fixes
Thu Jun 19 20:59:44 2014 -0400: PAX ASLR: Add PAX_SYSCTLS to
sys/conf/NOTES
Thu Jun 19 20:48:42 2014 -0400: PAX ASLR: Remove extra NO_PIE/MK_PIE
entries that aren't now needed
Wed Jun 11 22:07:51 2014 -0400: PAX ASLR: Rollback code cleanup that
removed orig_addr from pax_aslr_mmap().
Wed Jun 11 17:54:12 2014 -0400: PAX ASLR: style(9) changes. Grammar
fixes. Code cleanup.
Fri May 30 18:36:49 2014 -0400: PAX ASLR: Pull in Oliver Pinter's change
to add stack randomization
Fri May 30 18:36:01 2014 -0400: Update copyright

Oliver Pinter:
Wed Jun 4 09:39:48 2014 +0200: PAX ASLR: added FEATURE(aslr, ...) to the
kernel, and modify ugidfw to use them
Wed May 28 00:27:06 2014 +0200: PAX: fix prison0 initialization after my
jail modifications
Sun May 25 21:20:23 2014 +0200: PAX: show pax settings in dmesg, and
validate some value
Sun May 25 19:48:44 2014 +0200: PAX ASLR: make security.pax.aslr sysctls
optional
Sun May 25 19:15:16 2014 +0200: PAX: check proc->p_ucred
Sun May 25 19:11:50 2014 +0200: PAX: added PAX_SYSCTLS kernel option
Sun May 25 19:10:16 2014 +0200: PAX ASLR: simplify jail handling
Sun May 25 19:00:12 2014 +0200: PAX: hook in pax_init_prison at
kern_jail_set

Thanks,

Shawn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2014-06-21_aslr.patch
Type: text/x-diff
Size: 92921 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20140622/82bf5171/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20140622/82bf5171/attachment.sig>

More information about the freebsd-current mailing list