[return to "OpenBSD: Removing syscall(2) from libc and kernel"]
1. saagar+Ss 2023-10-27 17:37:12
>>eclipt+(OP)
Why not remove syscall instructions altogether? When libc wants to do something, it traps on an undefined instruction and then the kernel looks at the program counter to see what it should do. Seems like this would be the ultimate application of this line of thought…
2. monoca+Mx 2023-10-27 18:01:21
>>saagar+Ss
I don't think that helps much. OpenBSD already only allows syscalls originating out of the libc .text section, so whether the trap itself comes from a syscall instruction or some other trap mechanism doesn't really improve security AFAICT.
3. saagar+7e1 2023-10-27 21:44:40
>>monoca+Mx
Yeah but it sounds super cool doesn’t it!
4. monoca+6r1 2023-10-27 23:19:36
>>saagar+7e1
Every time I've seen a dev team go down that road, it's come with rather unfortunate unintended side effects.

https://devblogs.microsoft.com/oldnewthing/20041215-00/?p=37...

5. saagar+RK1 2023-10-28 02:12:08
>>monoca+6r1
Yeah but think of the attacks I thought of in the shower that it mitigates