Date: Fri, 17 Apr 2020 10:04:01 -0400 From: Ed Maste <emaste@freebsd.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: Marcin Wojtas <mw@semihalf.com>, freebsd-security@freebsd.org, Rafal Jaworowski <raj@semihalf.com> Subject: Re: ASLR/PIE status in FreeBSD HEAD Message-ID: <CAPyFy2A_71O-vW-0Qaievoi2ixh_kQU6yCa3m7nEP29-260=Bw@mail.gmail.com> In-Reply-To: <20200417130658.wijvhim5ylvgptub@mutt-hbsd> References: <CAPv3WKfYyVnfNDTPOEN6TF_GjJr=ThdNeB1yMtTEoQoxEdHMDg@mail.gmail.com> <20200417130658.wijvhim5ylvgptub@mutt-hbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Apr 2020 at 09:13, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > > Quick note: paxtest's algorithms for measuring ASLR was meant to test > ASLR, not FreeBSD's ASR implementation. Thus, paxtest results for > FreeBSD's ASR are moot. paxtest's entropy estimate is superficial, and indeed can produce a more or less invalid result depending on the distribution of allocated objects. There are a number of other tools which perform a more rigorous or comprehensive analysis. paxtest is useful in providing basic indication of whether various things are randomized or not.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2A_71O-vW-0Qaievoi2ixh_kQU6yCa3m7nEP29-260=Bw>