===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.116
retrieving revision 1.117
diff -c -r1.116 -r1.117
*** www/innovations.html 2024/02/12 05:39:58 1.116
--- www/innovations.html 2024/04/02 08:45:41 1.117
***************
*** 202,209 ****
system-calls can no longer be performed from PROT_WRITE memory.
Theo de Raadt, June 2, 2019.
System calls may only be performed from selected code regions
! (main program, ld.so, libc.so, and sigtramp).
! Theo de Raadt, November 28, 2019.
Permissions (RWX, MAP_STACK, etc) on address space regions can be
made immutable, so that mmap(2),
mprotect(2) or
--- 202,212 ----
system-calls can no longer be performed from PROT_WRITE memory.
Theo de Raadt, June 2, 2019.
System calls may only be performed from selected code regions
! (main program, ld.so, libc.so, and sigtramp). The libc.so region
! is setup by msyscall(2).
! Theo de Raadt, November 28, 2019.
! This mechanism was removed because later work on immutable memory +
! pinned system calls was even better.
Permissions (RWX, MAP_STACK, etc) on address space regions can be
made immutable, so that mmap(2),
mprotect(2) or
***************
*** 259,264 ****
--- 262,270 ----
to tell the kernel the precise entry location of system calls in libc.so.
Since all syscall entries are now known to the kernel, the
pininsyscall(SYS_execve) interface becomes redundant.
+ msyscall(2) mechanism
+ also becomes redundant (and is removed a bit later), because immutable
+ memory + pinsyscalls together are cheaper and more effective targetting.
Theo de Raadt, Jan 2024.