Information Technology News.


OpenBSD adds new security feature to its kernel


June 19, 2017

We've learned today that OpenBSD has added a new security feature to its kernel designed to harden it against specific buffer overruns. The new feature is dubbed 'KARL' (kernel address randomised link).

The various changes are described in a note to an OpenBSD developer list penned by founder and lead developer Theo de Raadt.

The concept is to randomise how the OS kernel loads, so that the kernel itself gets the same kind of benefit that ASLR (address space layout randomisation) provides for application memory.

In that manner, an attacker cannot rely on predictable memory allocations to identify where a buffer overrun might land in memory, greatly improving the overall security of the operating system.

After a typical installation, the kernel binaries will run for several months at a time, and the OS is always in the same physical memory and in the same virtual address space, which OpenBSD calls KVA.

To solve that, de Raadt, with the help of co-workers Visa Hankala and Patrick Wildt, has implemented a new model in which every new kernel is unique, and the relative offsets between functions and data are unique.

Instead of loading locore.s (the kernel bootstrap) and then the linked C files in a deterministic order, the new process he describes breaks the loading up somewhat.

Locore is split into two files: one is a bootstrap, which is left at the beginning. The assembly language runtime and all other files are linked in random fashion, de Raadt said.

But the bootstrap isn't yet random. It's simply at a well-known address, so once the system is running, the kernel blasts the bootstrap code into oblivion by smashing it with TRAP instructions or unmapping, says OpenBSD. Of course, this all depends on the processor architecture.

The next step is to provide what he calls the scaffolding necessary to create a newly-linked kernel at every reboot, in an effort to make it more difficult for a potential hacker to predict memory locations.
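The effect of that link-order change can be seen in a toy model, added here as an illustration and not taken from OpenBSD's code. The object names and sizes are constructed, and the layout function only stands in for what a real linker does with the text segment.

```python
import random

# Constructed link set: names and sizes are illustrative, not OpenBSD's real objects.
BOOTSTRAP = ("bootstrap.o", 0x400)          # stays first, at a well-known address
OBJECTS = [("locore_rt.o", 0x1800),         # assembly runtime half of the split locore
           ("kern_exec.o", 0x2a00), ("vfs_subr.o", 0x5100),
           ("uipc_socket.o", 0x3300), ("pmap.o", 0x6200)]
ALIGN = 16

def layout(objects, base=0):
    """Place objects back to back in link order and return {name: offset}."""
    offsets, cursor = {}, base
    for name, size in objects:
        cursor = (cursor + ALIGN - 1) & ~(ALIGN - 1)   # round up to alignment
        offsets[name] = cursor
        cursor += size
    return offsets

def link_deterministic():
    """Old model: the same order, and so the same offsets, on every install."""
    return layout([BOOTSTRAP] + OBJECTS)

def link_randomised(rng):
    """New model: bootstrap first, every other object in a shuffled order."""
    rest = OBJECTS[:]
    rng.shuffle(rest)
    return layout([BOOTSTRAP] + rest)

def relative_offset(offsets, a, b):
    """Distance from object a to object b, the value a fixed layout gives away."""
    return offsets[b] - offsets[a]

def distinct_deltas(n_builds, a, b, seed=0):
    """Set of a-to-b distances seen across n_builds simulated relinks."""
    rng = random.Random(seed)
    return {relative_offset(link_randomised(rng), a, b) for _ in range(n_builds)}

if __name__ == "__main__":
    fixed = link_deterministic()
    print("fixed link  kern_exec->pmap:",
          hex(relative_offset(fixed, "kern_exec.o", "pmap.o")))
    deltas = distinct_deltas(20, "kern_exec.o", "pmap.o")
    print("20 relinks  distinct distances:", len(deltas))
    print("bootstrap offset after relink:",
          link_randomised(random.Random(1))["bootstrap.o"])
```

In the fixed link the distance between two objects is a constant that holds on every machine running that kernel; in the shuffled link it changes from build to build, while the bootstrap stays at offset 0, which is why the article notes that the bootstrap code is trashed or unmapped once the system is running.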

Source: OpenBSD.



       © IT Direction. All rights reserved.