OpenBSD may soon gain further memory protections: immutable userland mappings
by from OpenBSD Journal on (#6365H)
In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current. The message leads in,
In the last few years, I have been improving the strictness of userlandmemory layout.An example is the recent addition of MAP_STACK and msyscall(). The first onemarks pages that are stack, so that upon entry to the kernel we can check ifthe stack-pointer is pointing in the stack range. If it isn't, the most obviousconclusion is that a ROP pivot has occured, and we kills the process. The secondone marks the region which contains syscall traps, if upon entry to the kernelthe PC is not in that region, we know somone is trying to do system calls viaan unapproved method.