www. O S N E W S .com
News Features Interviews
BlogContact Editorials

New OpenBSD kernel security feature
By Thom Holwerda, submitted by Ryan Freeman on 2017-06-14 22:15:04
Theo de Raadt unveiled and described an interesting new kernel security feature: Kernel Address Randomized Link.

Over the last three weeks I've been working on a new randomization feature which will protect the kernel.

The situation today is that many people install a kernel binary from OpenBSD, and then run that same kernel binary for 6 months or more. We have substantial randomization for the memory allocations made by the kernel, and for userland also of course.

However that kernel is always in the same physical memory, at the same virtual address space (we call it KVA).

Improving this situation takes a few steps.

38  Comments - Printer friendly - Related stories
Recent related stories
- OpenBSD on a laptop - 2018-11-03
- OpenBSD 6.4 released - 2018-10-18
- OpenBSD's unveil() - 2018-10-12
- OpenBSD on the Microsoft Surface Go - 2018-08-31
- Towards secure system graphics: Arcan and OpenBSD - 2018-04-25
- More related articles
 

Tell a friend
Your full name:
Your email address:
Your friend's email:
Anti-spam measure:
5+2=

News Features Interviews
BlogContact Editorials


WAP site - RSS feed
© OSNews LLC 1997-2007. All Rights Reserved.
The readers' comments are owned and a responsibility of whoever posted them.
Prefer the desktop version of OSNews?