Hey All, You can find the new ASLR patch for 10-STABLE here: http://0xfeedface.org/~shawn/patches/2014-06-28_aslr_10-stable.patch Here's what's changed since our last our of patches on 24 May 2014: Shawn Webb: Sat Jun 28 09:57:19 2014 -0400: PAX ASLR: Move the mmap randomization to a better spot as suggested by Alan Cox Fri Jun 27 09:26:18 2014 -0400: PAX ASLR: Remove erroneous line of code Sat Jun 21 20:03:07 2014 -0400: PAX SEGVGUARD: Remove segvguard prior to putting in a separate feature branch Thu Jun 19 21:08:37 2014 -0400: PAX ASLR: More style(9) fixes Thu Jun 19 20:59:44 2014 -0400: PAX ASLR: Add PAX_SYSCTLS to sys/conf/NOTES Thu Jun 19 20:48:42 2014 -0400: PAX ASLR: Remove extra NO_PIE/MK_PIE entries that aren't now needed Wed Jun 11 22:07:51 2014 -0400: PAX ASLR: Rollback code cleanup that removed orig_addr from pax_aslr_mmap(). Wed Jun 11 17:54:12 2014 -0400: PAX ASLR: style(9) changes. Grammar fixes. Code cleanup. Fri May 30 18:36:49 2014 -0400: PAX ASLR: Pull in Oliver Pinter's change to add stack randomization Fri May 30 18:36:01 2014 -0400: Update copyright Oliver Pinter: Wed Jun 4 09:39:48 2014 +0200: PAX ASLR: added FEATURE(aslr, ...) to the kernel, and modify ugidfw to use them Wed May 28 00:27:06 2014 +0200: PAX: fix prison0 initialization after my jail modifications Sun May 25 21:20:23 2014 +0200: PAX: show pax settings in dmesg, and validate some value Sun May 25 19:48:44 2014 +0200: PAX ASLR: make security.pax.aslr sysctls optional Sun May 25 19:15:16 2014 +0200: PAX: check proc->p_ucred Sun May 25 19:11:50 2014 +0200: PAX: added PAX_SYSCTLS kernel option Sun May 25 19:10:16 2014 +0200: PAX ASLR: simplify jail handling Sun May 25 19:00:12 2014 +0200: PAX: hook in pax_init_prison at kern_jail_set Thanks, Shawn -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20140628/809c1a51/attachment.sig>