ASLR (Address Space Layout Randomization) stuff (exec shield?).

Links:

• Kernel address space layout randomization (LWN, 2013)
• Linux and ASLR: kernel/randomize_va_space
• How Effective is ASLR on Linux Systems? (2013)

Questions:

• What about kernel ASLR (KASLR)? Look for RANDOMIZE options.

Binaries must be position-independent executables, so worthless on statically-compiled binaries. Possible settings:

• 0 – No randomization. Everything is static.
• 1 – Conservative randomization. Shared libraries, stack, mmap(), VDSO and heap are randomized.
• 2 – Full randomization. In addition to elements listed in the previous point, memory managed through brk() is also randomized.

Checking:

$ sysctl -a --pattern randomize
kernel.randomize_va_space = 2
$

Changing:

# echo 2 > /proc/sys/kernel/randomize_va_space
# sysctl -w kernel.randomize_va_space=2