Most Linux distributions now use ASLR for many programs, to randomize the layout
Question
Most Linux distributions now use ASLR for many programs, to randomize the layout of memory.
How often is the randomness used for this changed? If I re-run the same program multiple times, will it receive the same layout each time, or will it differ every time? Is fresh randomness generated each time the program is run? Each time the machine is rebooted? When are the random values refreshed/reset to new values? Does this depend upon the Linux distribution? Does it depend on which region of memory we are talking about (e.g., the executable, dynamic libraries, the stack, the heap, etc.), or is the answer the same for all of them?
Explanation / Answer
The ASLR randomness for aligning the stack and mmap allocations is generated by the kernel's internal get_random_int function for each new process.
get_random_int uses the RDRAND instruction to generate random values, if supported by the CPU. On other CPUs, it uses a PRNG that is initialized once, at boot, from the kernel's non-blocking (/dev/urandom) pool. (This PRNG is optimized to be fast, not to be cryptographically secure.)
The dynamic linker/loader (ld.so, part of glibc) uses mmap to load the executable and any shared libraries.
So, bottom line: the locations of the stack and mmap allocations (including the heap and any executables) are random and different for each new process.
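
One way to check the per-process behaviour on your own machine, as an added example that is not part of the original answer: it compares region base addresses from /proc/<pid>/maps across fresh processes. The sample excerpts are constructed and the function names are hypothetical.

```python
import subprocess
import sys

# Constructed /proc/<pid>/maps excerpts for two runs of one PIE binary (addresses
# invented for illustration). [vsyscall] is the fixed-address page on x86-64.
RUN_A = """\
55d0c8a00000-55d0c8a02000 r--p 00000000 08:01 1234 /usr/bin/demo
55d0ca1f3000-55d0ca214000 rw-p 00000000 00:00 0 [heap]
7f3a1c000000-7f3a1c028000 r--p 00000000 08:01 5678 /usr/lib/libc.so.6
7ffd4b2e1000-7ffd4b302000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]
"""
RUN_B = """\
5617e3400000-5617e3402000 r--p 00000000 08:01 1234 /usr/bin/demo
5617e4c9a000-5617e4cbb000 rw-p 00000000 00:00 0 [heap]
7fb2d8600000-7fb2d8628000 r--p 00000000 08:01 5678 /usr/lib/libc.so.6
7ffe91a40000-7ffe91a61000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]
"""

def region_bases(maps_text):
    """Return {mapping name: lowest start address} from /proc/<pid>/maps text."""
    bases = {}
    for line in maps_text.splitlines():
        fields = line.split(None, 5)   # range perms offset dev inode [name]
        if len(fields) < 6:
            continue                   # unnamed anonymous mapping
        start = int(fields[0].split("-")[0], 16)
        name = fields[5].strip()
        bases[name] = min(start, bases.get(name, start))
    return bases

def changed_regions(maps_a, maps_b):
    """Map each region present in both runs to True if its base moved."""
    a, b = region_bases(maps_a), region_bases(maps_b)
    return {name: a[name] != b[name] for name in a.keys() & b.keys()}

def live_samples(runs=3):
    """Spawn fresh processes that each dump their own maps (Linux only)."""
    cmd = [sys.executable, "-c", "print(open('/proc/self/maps').read())"]
    return [subprocess.run(cmd, capture_output=True, text=True,
                           check=True).stdout for _ in range(runs)]

if __name__ == "__main__":
    print("randomize_va_space =",
          open("/proc/sys/kernel/randomize_va_space").read().strip())
    first, *rest = live_samples()
    for other in rest:
        for name, moved in sorted(changed_regions(first, other).items()):
            print("differs" if moved else "same   ", name)
```

Run directly on a Linux host, it prints which named regions moved between fresh processes; a region reported as "same" across runs is not being randomized for that process.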