What #OpenBSD KARL tools are there to compare two kernels?
@emilian Depends what you mean? Besides say comparing hashes, cmp(1), or manual objdump(1). KARL is a link-kit which includes all the kernels .o / object files, randomly sorting and re-linking them.
@canadianbryan say I have two randomized kernels. How do I know it's the same binary or something altered? They are not identical, because of KARL. So, what tools are there to help me 'diff' them?
@emilian @canadianbryan Are you trying to compare two kernels? Or are you trying to be sure nothing malicious happened to /bsd?
If the latter, you can see the relinking results in /usr/share/compile/GENERIC/relink.log (assuming GENERIC kernel). There is also /var/db/kernel.SHA256 for verification.
@emilian @kurtm To that effect, the kernels file permissions are only readable/writable by root, because the whole point of KARL is to prevent attackers from learning offsets and discerning the memory layout:
-rwx------ 1 root wheel 13011786 Oct 14 17:58 bsd*
-rwx------ 2 root wheel 13007234 Oct 14 17:56 bsd.booted*