| version 1.1, 2020/05/06 12:20:45 |
version 1.2, 2020/05/06 12:36:08 |
|
|
| features and auditing it. The kernel API accessible to these |
features and auditing it. The kernel API accessible to these |
| programs is now restricted through <a |
programs is now restricted through <a |
| href="https://man.openbsd.org/pledge">pledge(2)</a>. |
href="https://man.openbsd.org/pledge">pledge(2)</a>. |
| |
<li>System calls may now only be performed from selected code regions: |
| <!-- syscall call-from --> |
the main program, <a href="https://man.openbsd.org/ld.so">ld.so(1)</a>, |
| <li><span style="color: red;">"syscall call-from" checking</span> |
libc.so and the signal trampoline. A new system call |
| <li>Introduced <a |
<a href="https://man.openbsd.org/msyscall">msyscall(2)</a> indicates |
| href="https://man.openbsd.org/msyscall">msyscall(2)</a>, permitting |
the the libc range, and activates the locking. This change hardens |
| system calls from selected code regions only: the main program, <a |
against some attack methods. |
| href="https://man.openbsd.org/ld.so">ld.so(1)</a>, libc.so and |
|
| sigtramp. This is intended to harden against a mixture of W^X failures |
|
| and JIT bugs allowing syscall misinterpretation. |
|
| |
|
| <li>Prevented stack trace saving from inspecting untrusted data on |
<li>Prevented stack trace saving from inspecting untrusted data on |
| amd64, arm64 and i386. |
amd64, arm64 and i386. |
| <li>Used lfence in place of stac/clac on pre-SMAP CPUs to protect |
<li>Used lfence in place of stac/clac on pre-SMAP CPUs to protect |
![[BACK]](/icons/back.gif){kind=icon}
Return to 67.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www