From 9d23717b6d3f94d8fad5ab00628dcbf41fa2cab5 Mon Sep 17 00:00:00 2001 From: Jeremy Rand Date: Mon, 8 May 2023 13:45:18 +0000 Subject: [PATCH] README: Document mmap-rnd-bits --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 33cb7d0..20f5a41 100644 --- a/README.md +++ b/README.md @@ -37,9 +37,6 @@ often abused to exploit use-after-free flaws. * Kexec is disabled as it can be used to load a malicious kernel and gain arbitrary code execution in kernel mode. -* The bits of entropy used for mmap ASLR are increased, therefore improving -its effectiveness. - * Randomises the addresses for mmap base, heap, stack, and VDSO pages. * Prevents unintentional writes to attacker-controlled files. @@ -54,6 +51,13 @@ prevents writing potentially sensitive contents of memory to disk. * TCP timestamps are disabled as it can allow detecting the system time. +### mmap ASLR + +* The bits of entropy used for mmap ASLR are maxed out via +`/usr/libexec/security-misc/mmap-rnd-bits` (set to the values of +`CONFIG_ARCH_MMAP_RND_BITS_MAX` and `CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX` that +the kernel was built with), therefore improving its effectiveness. + ### Boot parameters Boot parameters are outlined in configuration files located in the
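Review bot: In the first README.md hunk (`@@ -37,9 +37,6 @@`), the entropy bullet is removed but the neighbouring bullet "Randomises the addresses for mmap base, heap, stack, and VDSO pages" stays where it is, so the general list no longer says that mmap entropy is raised. Consider adding a short pointer on that remaining bullet to the new "mmap ASLR" section, so a reader scanning the list still finds it.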
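Review bot: In the added "mmap ASLR" section (`@@ -54,6 +51,13 @@`), the bullet names the helper script and the two `CONFIG_ARCH_MMAP_RND_*_MAX` options, but not which settings the script writes, when it runs, or what happens if the values the kernel was built with cannot be determined on the running system. Suggest naming the sysctls being set (presumably `vm.mmap_rnd_bits` and `vm.mmap_rnd_compat_bits`) and stating the fallback behaviour. Also, "its" in "therefore improving its effectiveness" is separated from "mmap ASLR" by the long parenthetical; "improving the effectiveness of mmap ASLR" would read more clearly.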