Address Space Layout Randomization (ASLR)
Support for Address Space Layout Randomization was added in FreeBSD HEAD (13-CURRENT) in base r343964. It is enabled by default in 14-CURRENT for 64-bit architectures, as of base commit b014e0f15bc7.
Architectures
ASLR is enabled on a per-ABI basis, and is supported on all architectures as of 72091bb39382abba0d71dc23738684bfb4bc2574.
Configuration
Global controls:
- kern.elf{32,64}.aslr.enable - Enable address map randomization (Default: 1 for 64-bit architectures, 0 for 32-bit architectures)
- kern.elf{32,64}.aslr.pie_enable - Enable ASLR for Position-Independent Executable (PIE) binaries (Default: 1 for 64-bit architectures, 0 for 32-bit architectures)
- kern.elf{32,64}.aslr.honor_sbrk - Assume sbrk is used (Default: 0)
- vm.cluster_anon - Cluster anonymous mappings (Default: 1)
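An added example, not part of FreeBSD or of the original page: a small audit that compares sysctl(8) output against the defaults listed above and reports any knob that differs or is not reported. The names aslr_audit and SAMPLE are hypothetical, and the sample input is constructed.

```shell
#!/bin/sh
# Constructed sample in the "name: value" form that sysctl(8) prints.
SAMPLE='kern.elf64.aslr.enable: 1
kern.elf64.aslr.pie_enable: 0
kern.elf64.aslr.honor_sbrk: 0
kern.elf32.aslr.enable: 0
kern.elf32.aslr.pie_enable: 0
vm.cluster_anon: 1'

# aslr_audit (hypothetical name): reads sysctl output on stdin, prints one
# line per knob that differs from the documented default or is absent,
# and returns 1 if anything was reported, 0 otherwise.
aslr_audit() {
    awk -F': *' '
    BEGIN {
        # Defaults as documented on this page: on for 64-bit, off for 32-bit.
        n = split("64 32", abi, " ")
        for (i = 1; i <= n; i++) {
            d = (abi[i] == "64") ? 1 : 0
            p = "kern.elf" abi[i] ".aslr."
            def[p "enable"] = d;     order[++k] = p "enable"
            def[p "pie_enable"] = d; order[++k] = p "pie_enable"
            def[p "honor_sbrk"] = 0; order[++k] = p "honor_sbrk"
        }
        def["vm.cluster_anon"] = 1; order[++k] = "vm.cluster_anon"
    }
    # Record only the knobs named above; ignore every other input line.
    ($1 in def) { seen[$1] = 1; val[$1] = $2 + 0 }
    END {
        bad = 0
        for (i = 1; i <= k; i++) {
            name = order[i]
            if (!(name in seen)) {
                print "MISSING " name; bad = 1
            } else if (val[name] != def[name]) {
                print "DIFF " name "=" val[name] " default=" def[name]; bad = 1
            }
        }
        exit bad
    }'
}

# Stand-alone run on the constructed sample. On a FreeBSD host, feed it
# live values instead:
#   sysctl kern.elf64.aslr kern.elf32.aslr vm.cluster_anon | aslr_audit
printf '%s\n' "$SAMPLE" | aslr_audit || true
```

A DIFF line is not necessarily a weakness: enabling the 32-bit knobs also differs from the default, so read the reported value before acting on it.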
Per-process and per-image controls:
- procctl(2) adds PROC_ASLR_CTL / PROC_ASLR_STATUS
- NT_FREEBSD_FCTL_ASLR_DISABLE feature control note bit makes it possible to force ASLR off for the given binary. A tool to edit the feature control note is in development.