OpenBSD KARL: A new kernel on every boot

Under the name KARL, short for Kernel Address Randomized Link, OpenBSD has introduced a new feature to protect the operating system kernel. KARL is fundamentally different from ASLR and from KASLR in Linux.

OpenBSD founder Theo de Raadt presented a new randomization mechanism called KARL on the openbsd-tech mailing list. The acronym stands for Kernel Address Randomized Link: the parts of the kernel are linked together in random order.

What is unusual is that this does not happen when the kernel is compiled from source, but during installation, on every upgrade and even each time the system is rebooted. In other words: every time OpenBSD starts, it gets a unique, newly shuffled kernel.

A kernel without KARL

To understand KARL, it helps to look at the usual procedure: the compiler translates each source file belonging to the kernel individually into machine code. In addition there is the tiny bootstrap loader (boot loader, locore.s), which loads the actual kernel into memory and starts it. The result is many object files with the extension .o, which are very remotely similar to DLLs.

Together with the necessary data, the linker chains all these object files together, starting with the boot loader, and writes them into the kernel file (/bsd for OpenBSD's single-core kernel). Until now, the order has been exactly prescribed by the config tool and other OpenBSD auxiliary files.

De Raadt's legitimate criticism: all OpenBSD kernels of a release are absolutely identical. If an attacker, for example via a compromised hypervisor running OpenBSD as a virtual machine, can identify even a tiny part of the kernel, they automatically know all other entry points for kernel functions.

KARL provides a unique kernel

KARL prevents this: because it is assembled randomly, each kernel is unique from one boot to the next. Even the boot loader part, which is needed only to load the kernel, is removed from memory by the system after use. Moreover, the whole thing is supposed to work with only a minimal delay at startup.

Those interested can try KARL directly with OpenBSD 6.1-CURRENT. (Picture: Michael Plura)

The kernel is not rebuilt; it is put together with a link kit from its object files already present on the system. This is done by the new reorder_kernel() function in the startup script /etc/rc. The diff for this is surprisingly small and contains not a single line of C code. Since the new kernel is generated during boot, it takes effect at the next system startup.

Differences to ASLR

With Address Space Layout Randomization (ASLR), the system assigns the address ranges for programs at random, which makes exploiting buffer overflows more difficult. With Kernel Address Space Layout Randomization (KASLR), Linux loads an always identical kernel at random memory addresses. KARL, by contrast, loads a random kernel at an identical address.
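
The contrast can be modelled in a few lines. This is an added example, not code from OpenBSD or from the original article: the object names, sizes, load address and KASLR slide range are constructed, and keeping locore.o first under KARL is an assumption of the model. It measures how often one known address, combined with the layout of the release kernel, locates another object.

```python
import random

# Constructed object list (name, size in bytes); not taken from a real OpenBSD link kit.
OBJECTS = [("locore.o", 0x1000), ("vfs_syscalls.o", 0x6000), ("kern_exec.o", 0x3000),
           ("uipc_socket.o", 0x4800), ("kern_sig.o", 0x2800)]
BASE = 0xFFFFFFFF81000000  # hypothetical load address, for illustration only


def layout(objects, base):
    """Place objects back to back from base, like a linker; return {name: address}."""
    addrs, cursor = {}, base
    for name, size in objects:
        addrs[name] = cursor
        cursor += size
    return addrs


RELEASE = layout(OBJECTS, BASE)  # the one layout every machine shares without KARL


def boot_fixed(rng):
    # Classic kernel: same link order, same address on every boot.
    return layout(OBJECTS, BASE)


def boot_kaslr(rng):
    # Identical kernel image, random 2 MiB-aligned slide (slide range is an assumption).
    return layout(OBJECTS, BASE + rng.randrange(512) * 0x200000)


def boot_karl(rng):
    # Random link order at an identical address; keeping locore.o first is an assumption.
    rest = OBJECTS[1:]
    rng.shuffle(rest)
    return layout(OBJECTS[:1] + rest, BASE)


def inference_rate(boot, leak="kern_exec.o", target="uipc_socket.o", boots=200, seed=1):
    """Fraction of boots where one known address plus the release layout locates target."""
    rng, hits = random.Random(seed), 0
    for _ in range(boots):
        actual = boot(rng)
        guess = actual[leak] - RELEASE[leak] + RELEASE[target]
        hits += guess == actual[target]
    return hits / boots


if __name__ == "__main__":
    for boot in (boot_fixed, boot_kaslr, boot_karl):
        print(f"{boot.__name__}: {inference_rate(boot):.2f}")
```

With a fixed link order the distance between two objects never changes, so the rate is 1.0 for both the classic kernel and the KASLR model; under the KARL model it only holds on boots where the shuffle happens to keep the two objects adjacent in the same order.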

Finding a new kernel at every boot may seem strange to many system administrators. It is reminiscent of the mutation engines of viruses, which fool signature-based virus scanners in this way. Except for resuming from hibernate mode, however, KARL works fine in the development version OpenBSD 6.1-CURRENT and lengthens startup barely noticeably.

Update 07.10.2017, 13:20: The wording on the effect of ASLR on buffer overflows was made more precise. (Fo)