1.Dd September 7, 2015 2.Dt UPDATE_ASR 8 3.Os 4.Sh NAME 5.Nm update_asr 6.Nd perform ASR rerandomization on system services 7.Sh SYNOPSYS 8.Nm 9.Op Fl v 10.Op Ar labels 11.Sh DESCRIPTION 12The 13.Nm 14utility performs one cycle of system service live 15ASR (Address Space Randomization) rerandomization. 16By default, the utility will attempt to update all system services. 17If a space-separated list of service 18.Ar labels 19is given, only those services are updated. 20.Pp 21Updates require the presence of at least two precreated ASR binaries for the 22service: the original service binary, and at least one rerandomized ASR binary 23for the service. 24The update consists of selecting the next on-disk ASR binary for the service, 25and performing a live update from the current service into the selected new 26version. 27The selection takes place in a round-robin fashion, so once the script has 28gone through all rerandomized ASR binaries, it will revert to the original 29service binary, and then continue with the first rerandomized ASR binary 30again, and so on. 31.Pp 32The following options are available: 33.Bl -tag -width Ds 34.It Fl v 35Enable verbose mode. 36.El 37.Sh SEE ALSO 38.Xr minix-service 8 39.Sh AUTHORS 40The 41.Nm 42utility was written by 43.An David van Moolenbroek 44.Aq david@minix3.org . 45.Sh BUGS 46Failures are silently ignored. 47Some failures are expected, since not all services are necessarily quiescent 48and therefore ready to be updated. 49.Pp 50As of writing, no infrastructure exists to perform ASR updates automatically, 51and no infrastructure exists to create new rerandomized binaries at runtime. 52