zlacker

[return to "OpenBSD: Removing syscall(2) from libc and kernel"]
1. tiffan+Mr 2023-10-27 17:33:06
>>eclipt+(OP)
Can someone explain the significance?
2. monoca+Fw 2023-10-27 17:56:59
>>tiffan+Mr
OpenBSD has been putting in a lot of work lately to harden the syscall ABI; a large component of that work has been constricting how a syscall is invoked from user space as a defense-in-depth technique to make shellcode-style exploits more difficult. That's previously taken the form of techniques like only allowing syscalls to be invoked from the libc .text section.

This work is removing a very indirect morph of syscall where the arguments/sysnum are in a struct in memory, making it harder for exploits to invoke weird versions of syscalls on their own terms.

3. eikenb+O01 2023-10-27 20:36:23
>>monoca+Fw
Why aren't these changes made in the kernel to keep the syscall ABI standardized and safe instead of requiring the use of an unsafe language wrapper? We should be discouraging more use of unsafe languages, not forcing it.
4. ben_ba+sh1 2023-10-27 22:07:04
>>eikenb+O01
Then don't run an OS with a kernel written in C. That would rule out Windows, Mac, Linux and *BSD.
5. eikenb+In1 2023-10-27 22:49:13
>>ben_ba+sh1
Using syscalls means you can replace the kernel. Using libc means you are locked into an FFI/C calling convention for anything other than C. Apples/Oranges.