NOTE: this page was created while the patch was in development and served to record some information of interest to the developers. Some of the information is outdated. See the mitigations man page for up-to-date information.
Address Space Layout Randomization (ASLR)
Support for Address Space Layout Randomization was added in FreeBSD HEAD (13-CURRENT) in base r343964. It is enabled by default in 14-CURRENT for 64bit architectures, as of base commit b014e0f15bc7. It is enabled by default for 64-bit architectures in FreeBSD 13.2 and later releases.
Architectures
ASLR is enabled on a per-ABI basis, and is supported on all architectures as of 72091bb39382abba0d71dc23738684bfb4bc2574.
Configuration
Global controls :
kern.elf{32,64}.aslr.enable - Enable address map randomization (Default: 1 for 64bit architectures, 0 for 32bit architectures)
kern.elf{32,64}.aslr.pie_enable - Enable ASLR for Position-Independent Executables (PIE) binaries (Default: 1 for 64bit architectures, 0 for 32bit architectures)
kern.elf{32,64}.aslr.honor_sbrk - Assume sbrk is used (Default: 0)
vm.cluster_anon - Cluster anonymous mappings (Default: 1)
Per-process and per-image controls:
- procctl(2) adds PROC_ASLR_CTL / PROC_ASLR_STATUS
- NT_FREEBSD_FCTL_ASLR_DISABLE feature control note bit makes it possible
- to force ASLR off for the given binary. A tool to edit the feature control note is in development.