Testing wanted: execute-only on amd64
by from OpenBSD Journal on (#67V8N)
On thetech@ mailing list,Theo de Raadt (deraadt@)has issued arequest for testingof patch(es) for execute-only (xonly)binaries on amd64.The message is quite long, but well worth reading in its entiretyfor those interested.Selected highlights include:
Some of you have probably noticed activity about "xonly" happeningto a bunch of architectures. First arm64, then riscv64, then hppa,and ongoing efforts with octeon, sparc64 (sun4u only), and more of thisis going to come in the future.Like past work decades ago (and I suppose continually also) on W^X, andincreasing use of c, the idea here is to have code (text segments)not be readable. Or in a more generic sense, if you mprotect a regionwith only PROT_EXEC, it is not readable.[...]But most of us have amd64 machines. Thrilling news: