mhaeuser Posted March 23, 2016

Hey guys,

Does someone happen to know if boot.efi uses KASLR even in no-cache mode (-f), for the versions of OS X that even support it? I don't have the setup to test (only El Capitan, which no longer supports -f), so it would be cool if somebody knew.

Regards, DF.
mhaeuser Posted March 23, 2016 (Author)

I threw a Mountain Lion boot.efi into IDA and it seems like KASLR is used with no-cache boot. It's used when:

1) The prelinkedkernel header (if booting with caches) has a prelinkVersion >= 1 AND the kernel's mach_header's flags have MH_PIE set.
2) You are not booting in safe mode.
3) It has not been disabled via the corresponding hotkey.
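Added example, not code from the thread or from boot.efi: a small Python model of the three conditions listed above, with a minimal Mach-O header parser that tests the MH_PIE flag the way a defender checking a kernel binary would. Function names and the constructed sample header are mine; treating prelinkVersion as not applicable when no prelinkedkernel is loaded (the -f case) is my reading of the post, not something it states outright.

```python
import struct

# Mach-O constants from <mach-o/loader.h>
MH_MAGIC = 0xFEEDFACE       # 32-bit, little-endian
MH_MAGIC_64 = 0xFEEDFACF    # 64-bit, little-endian
MH_PIE = 0x200000           # image may be loaded at a randomized address
MH_EXECUTE = 0x2
CPU_TYPE_X86_64 = 0x01000007
CPU_SUBTYPE_X86_64_ALL = 0x3

# The first seven fields are identical in mach_header and mach_header_64:
# magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags
_HEADER_PREFIX = "<7I"


def macho_flags(image: bytes) -> int:
    """Return the mach_header `flags` word of a little-endian Mach-O image."""
    if len(image) < struct.calcsize(_HEADER_PREFIX):
        raise ValueError("too short for a Mach-O header")
    magic, _cpu, _sub, _ftype, _ncmds, _szcmds, flags = struct.unpack_from(
        _HEADER_PREFIX, image, 0)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError(f"not a little-endian Mach-O image: magic=0x{magic:08x}")
    return flags


def kernel_is_pie(image: bytes) -> bool:
    """Condition 1b from the post: the kernel's mach_header has MH_PIE set."""
    return bool(macho_flags(image) & MH_PIE)


def kaslr_applies(kernel_image: bytes, prelink_version=None,
                  safe_mode=False, disabled_by_hotkey=False) -> bool:
    """Model of the three conditions. prelink_version=None means no
    prelinkedkernel is in use (assumption: the -f / no-cache case)."""
    if safe_mode or disabled_by_hotkey:          # conditions 2 and 3
        return False
    if prelink_version is not None and prelink_version < 1:   # condition 1a
        return False
    return kernel_is_pie(kernel_image)           # condition 1b


def make_header(flags: int, magic: int = MH_MAGIC_64) -> bytes:
    """Constructed sample: a bare mach_header_64 with no load commands."""
    return struct.pack("<8I", magic, CPU_TYPE_X86_64, CPU_SUBTYPE_X86_64_ALL,
                       MH_EXECUTE, 0, 0, flags, 0)


if __name__ == "__main__":
    print("KASLR applies:", kaslr_applies(make_header(MH_PIE)))
```

On a real system the same check is `otool -hv /System/Library/Kernels/kernel` and looking for PIE in the flags column.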