OpenBSD may soon gain further memory protections: immutable userland mappings

Author:
Source

In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current. The message leads in,

In the last few years, I have been improving the strictness of userland
memory layout.

An example is the recent addition of MAP_STACK and msyscall().  The first one
marks pages that are stack, so that upon entry to the kernel we can check if
the stack-pointer is pointing in the stack range.  If it isn't, the most obvious
conclusion is that a ROP pivot has occured, and we kills the process.  The second
one marks the region which contains syscall traps, if upon entry to the kernel
the PC is not in that region, we know somone is trying to do system calls via
an unapproved method.

Read more…

Read more