version 1.116, 2024/02/12 05:39:58 |
version 1.117, 2024/04/02 08:45:41 |
|
|
system-calls can no longer be performed from PROT_WRITE memory. |
system-calls can no longer be performed from PROT_WRITE memory. |
Theo de Raadt, June 2, 2019. |
Theo de Raadt, June 2, 2019. |
<li>System calls may only be performed from selected code regions |
<li>System calls may only be performed from selected code regions |
(main program, ld.so, libc.so, and sigtramp). |
(main program, ld.so, libc.so, and sigtramp). The libc.so region |
Theo de Raadt, November 28, 2019. |
is setup by <a href="https://man.openbsd.org/msyscall.2">msyscall(2)</a>. |
|
Theo de Raadt, November 28, 2019.<br> |
|
This mechanism was removed because later work on immutable memory + |
|
pinned system calls was even better. |
<li>Permissions (RWX, MAP_STACK, etc) on address space regions can be |
<li>Permissions (RWX, MAP_STACK, etc) on address space regions can be |
made immutable, so that <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>, |
made immutable, so that <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>, |
<a href="https://man.openbsd.org/mprotect.2">mprotect(2)</a> or |
<a href="https://man.openbsd.org/mprotect.2">mprotect(2)</a> or |
|
|
to tell the kernel the precise entry location of system calls in libc.so. |
to tell the kernel the precise entry location of system calls in libc.so. |
Since all syscall entries are now known to the kernel, the |
Since all syscall entries are now known to the kernel, the |
pininsyscall(SYS_execve) interface becomes redundant. |
pininsyscall(SYS_execve) interface becomes redundant. |
|
<a href="https://man.openbsd.org/msyscall.2">msyscall(2)</a> mechanism |
|
also becomes redundant (and is removed a bit later), because immutable |
|
memory + pinsyscalls together are cheaper and more effective targetting. |
Theo de Raadt, Jan 2024. |
Theo de Raadt, Jan 2024. |
</ul> |
</ul> |
|
|