OpenBSD's Kernel Gets W^X Treatment On Amd64

← Back to Stories (view on slashdot.org)

OpenBSD's Kernel Gets W^X Treatment On Amd64

Posted by Soulskill on Wednesday January 14, 2015 @01:56AM from the write-stuff dept.

New submitter brynet tips this news from Theo de Raadt: Over the last two months Mike Larkin (mlarkin@) modified the amd64 kernel to follow the W^X principles. It started as a humble exercise to fix the .rodata segment, and kind of went crazy. As a result, no part of the kernel address space is writeable and executable simultaneously. At least that is the idea, modulo mistakes. Final attention to detail (which some of you experienced in buggy drafts in snapshots) was to make the MP and ACPI trampolines follow W^X, furthermore they are unmapped when not required. Final picture is many architectures were improved, but amd64 and sparc64 look the best due to MMU features available to service the W^X model. The entire safety model is also improved by a limited form of kernel ASLR (the code segment does not move around yet, but data and page table ASLR is fairly good."

6 of 84 comments (clear)

Min score:

Reason:

Sort:

Re:most of you will pretend you understand by Anonymous Coward · 2015-01-14 02:11 · Score: 3, Informative

Once you grok that W^X means Write XOR Execute (which you can gather from the rest of the summary), it gets easier.
Re:most of you will pretend you understand by Anonymous Coward · 2015-01-14 02:26 · Score: 3, Informative

Once you grok that W^X means Write XOR Execute (which you can gather from the rest of the summary), it gets easier.
I thought that meant they added all wheel drive and turbos.
Re:Status on other UNIX like kernels by Anonymous Coward · 2015-01-14 02:30 · Score: 5, Informative

According to Wikipedia, which is always right:

Similar features are available for other operating systems, including the PaX and Exec Shield patches for Linux, and NetBSD 4+'s implementation of PaX.
W^X
Re:FreeBSD? by Anonymous Coward · 2015-01-14 02:57 · Score: 2, Informative

Yes, there is some cross-pollination. In general, while BSDs share a common background, they are different operating systems, not "distros".
Re:most of you will pretend you understand by red_dragon · 2015-01-14 03:29 · Score: 3, Informative

I doubt that the mailing list will show any definition of "trampoline". That word has a specific meaning in kernel programming, such that one would already have a good understanding of the subject before poking around in kernel code.
FWIW, "trampoline" refers to generated bits of code containing jumps to arbitrarily different pieces of code, something that ESR called "an incredibly hairy technique" in the Jargon File.

--
In Soviet Russia, Jesus asks: "What Would You Do?"
Re:most of you will pretend you understand by Anonymous Coward · 2015-01-14 03:48 · Score: 0, Informative

The fact that the OP did NOT define 'W^X' was what hooked me in the first place!
They did, but it wasn't super obvious that that's what they were doing:

no part of the kernel address space is writeable and executable simultaneously
W -> Writeable
^ -> Exclusive OR
X -> Executable