Prekern
Created: 01-10-2017
Updated: 08-03-2018

The prekern architecture


This KASLR implementation is based on an intermediary kernel, called the "prekern". At boot time, the bootloader loads both the prekern and the real kernel into memory, and jumps into the prekern. The prekern then sets up several CPU structures, relocates the kernel and jumps into it. Finally, the kernel internalizes several structures and variables initialized by the prekern, unmaps the prekern from memory, and executes normally.

Resources


NetBSD.org: Kernel ASLR on amd64
TheRegister.co.uk: NetBSD, OpenBSD improve kernel security, randomly
NetBSD.org: The strongest KASLR, ever?

Download


The prekern, plus the kernel patches required, have all been committed to the NetBSD source tree. The prekern sources can be browsed here.

Installation


Make sure you have a v5.11 bootloader installed. If you don't:

    $ cd /usr/src/sys/arch/i386/stand/boot/
    $ make
    # cp biosboot/boot /boot

Compile and install a new dynamic kernel:

    $ cd /usr/src/
    $ ./build.sh kernel=GENERIC_KASLR
    # cp /usr/obj/sys/arch/amd64/compile/GENERIC_KASLR/netbsd /netbsd_kaslr

Build and install the prekern:

    $ cd /usr/src/sys/arch/amd64/stand/prekern
    $ make
    # cp prekern /prekern

Reboot your machine. In the boot prompt, enter:

    > pkboot netbsd_kaslr

The system will boot with no further user interaction. Note that the prekern uses the screen (debug), and you may see the following being temporarily displayed before the NetBSD kernel takes control:
Prekern


Finally, you can still boot a static kernel, by typing as usual:

    > boot netbsd
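
A pre-reboot sanity check for the installation steps above, added here as an example and not part of the NetBSD source tree. The function names `elf_type` and `check_kaslr_install` and the root-directory argument are hypothetical; the script assumes a little-endian (amd64) ELF header and that a static kernel is an `ET_EXEC` file, so finding that type at `/netbsd_kaslr` means the wrong kernel was copied.

```sh
#!/bin/sh
# Added example (not from the NetBSD tree): verify the files that the
# installation steps copy into place before typing "pkboot netbsd_kaslr".
# It does not check the bootloader version.

# Print the ELF e_type of file $1 (1 = ET_REL, 2 = ET_EXEC, 3 = ET_DYN).
# Returns non-zero if the file is unreadable or has no ELF magic.
elf_type() {
    [ -r "$1" ] || return 1
    # First 18 header bytes as unsigned decimals: e_ident[16] + e_type[2].
    set -- $(od -An -tu1 -N18 "$1")
    [ $# -eq 18 ] || return 1
    # Magic is 0x7f 'E' 'L' 'F'.
    [ "$1" = 127 ] && [ "$2" = 69 ] && [ "$3" = 76 ] && [ "$4" = 70 ] || return 1
    # e_type is a 16-bit little-endian value at offset 16 (assumption: amd64).
    echo $(( ${17} + 256 * ${18} ))
}

# Check the install under root directory $1 (default /). Returns 0 when
# /boot, /prekern and /netbsd_kaslr exist and the kernel is not static.
check_kaslr_install() {
    root=${1:-/}
    rc=0
    for f in boot prekern netbsd_kaslr; do
        if [ ! -s "$root/$f" ]; then
            echo "missing or empty: $root/$f"
            rc=1
        fi
    done
    if t=$(elf_type "$root/netbsd_kaslr"); then
        if [ "$t" -eq 2 ]; then
            echo "$root/netbsd_kaslr is ET_EXEC: a static kernel, not GENERIC_KASLR"
            rc=1
        fi
    else
        echo "$root/netbsd_kaslr is not a readable ELF file"
        rc=1
    fi
    return $rc
}

# Usage on the installed system: check_kaslr_install /
```
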