6 .Nd perform ASR rerandomization on system services
14 utility performs one cycle of system service live
15 ASR (Address Space Randomization) rerandomization.
16 By default, the utility will attempt to update all system services.
17 If a space-separated list of service
19 is given, only those services are updated.
21 Updates require the presence of at least two precreated ASR binaries for the
22 service: the original service binary, and at least one rerandomized ASR binary
24 The update consists of selecting the next on-disk ASR binary for the service,
25 and performing a live update from the current service into the selected new
27 The selection takes place in a round-robin fashion, so once the script has
28 gone through all rerandomized ASR binaries, it will revert to the original
29 service binary, and then continue with the first rerandomized ASR binary
32 The following options are available:
42 utility was written by
43 .An David van Moolenbroek
44 .Aq david@minix3.org .
46 Failures are silently ignored.
47 Some failures are expected, since not all services are necessarily quiescent
48 and therefore ready to be updated.
50 As of writing, no infrastructure exists to perform ASR updates automatically,
51 and no infrastructure exists to create new rerandomized binaries at runtime.