Contributed by pitrh on Thu Jun 22 06:55:25 2017 from the just enough ROP to TRAP yourself dept.
You heard it here (or on tech@) first: Trapsleds are in, and they make OpenBSD even safer. Work done by Todd Mortimer and submitted to tech@ in the Trapsleds thread was later committed by Theo de Raadt.
Todd's message to tech says,
I have attached a patch that converts NOP padding from the assembler
into INT3 padding on amd64. The idea is to remove potentially convenient
NOP sleds from programs and libraries, which makes it harder for an
attacker to hit any ROP gadgets or other instructions after a NOP sled.
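As an added illustration (not part of Todd's patch or of OpenBSD), the following C program audits the padding that follows each `ret` in an amd64 code buffer and reports how many bytes are NOPs and how many are INT3 traps. The names `nop_len`, `audit_padding` and `pad_stats` and both byte arrays are constructed for this example, and the raw byte scan is a heuristic, not a disassembler.

```c
#include <stddef.h>
#include <stdio.h>

/* Length of an amd64 NOP at p, 0 if none: 0x90, 66 90, or a 0F 1F /0 long NOP. */
static size_t nop_len(const unsigned char *p, size_t n)
{
    size_t pre = 0, len;
    while (pre < n && pre < 2 && p[pre] == 0x66) pre++;  /* 0x66 prefixes */
    if (pre < n && p[pre] == 0x90) return pre + 1;
    if (pre + 2 >= n || p[pre] != 0x0F || p[pre + 1] != 0x1F) return 0;
    unsigned mod = p[pre + 2] >> 6, reg = (p[pre + 2] >> 3) & 7, rm = p[pre + 2] & 7;
    if (reg != 0 || mod == 3) return 0;  /* only the memory-operand alignment forms */
    len = pre + 3 + (rm == 4) + (mod == 1 ? 1 : (mod == 2 || rm == 5) ? 4 : 0);
    return len <= n ? len : 0;
}

struct pad_stats { size_t nop_bytes, int3_bytes, longest_sled; };
/* Heuristic raw-byte scan (no disassembly): classify padding after each ret (0xC3).
 * A 0xC3 byte inside an operand can mislead it. */
struct pad_stats audit_padding(const unsigned char *code, size_t n)
{
    struct pad_stats s = {0, 0, 0};
    for (size_t i = 0; i < n; i++) {
        if (code[i] != 0xC3) continue;
        size_t j = i + 1, sled = 0, l;
        while (j < n) {
            if (code[j] == 0xCC) { s.int3_bytes++; j++; sled = 0; continue; }
            if ((l = nop_len(code + j, n - j)) == 0) break;
            s.nop_bytes += l; sled += l; j += l;
            if (sled > s.longest_sled) s.longest_sled = sled;
        }
        i = j - 1;  /* resume at the first non-padding byte */
    }
    return s;
}

/* Constructed sample: "xor eax,eax; ret", 13 padding bytes, "mov eax,1; ret". */
static const unsigned char nop_padded[] = { 0x31,0xC0,0xC3,
    0x66,0x0F,0x1F,0x84,0,0,0,0,0, 0x0F,0x1F,0x40,0, 0xB8,1,0,0,0,0xC3 };
static const unsigned char trap_padded[] = { 0x31,0xC0,0xC3,
    0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC, 0xB8,1,0,0,0,0xC3 };

int main(void)
{
    struct pad_stats a = audit_padding(nop_padded, sizeof nop_padded);
    struct pad_stats b = audit_padding(trap_padded, sizeof trap_padded);
    printf("NOP build:  nop=%zu int3=%zu sled=%zu\n", a.nop_bytes, a.int3_bytes, a.longest_sled);
    printf("trap build: nop=%zu int3=%zu sled=%zu\n", b.nop_bytes, b.int3_bytes, b.longest_sled);
    return 0;
}
```

In the NOP-padded sample, a stray jump anywhere in the 13 padding bytes slides into the next function; in the trap-padded sample the same landing raises a breakpoint trap instead.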
Many thanks to all donors and patrons who generously invested in GhostBSD this last May. A total of 557.82$ was raised, and like always you ensured that we could meet all the costs associated with running our web server and our packages builder servers for GhostBSD.
OpenBSD has a new security feature designed to harden it against kernel-level buffer overruns, the "KARL".
message to the tech@ mailing list,
Theo de Raadt (deraadt@) has announced a new randomization feature for
Over the last three weeks I've been working on a new randomization
feature which will protect the kernel.
Recently I moved all our kernels to a new mapping model, with patrick
and visa taking care of two platforms.
As a result, every new kernel is unique. The relative offsets between
functions and data are unique.
However, snapshots of -current contain a further change, which I
worked on with Robert Peichaer (rpe@):
That change is scaffolding to ensure you boot a newly-linked kernel
upon every reboot.[...]
Read the full message for the juicy details.
Note that, because of the new mechanisms, unhibernate does not work on
-current (for now).