Contributed by rueda on from the pincall-wizard dept.
Theo de Raadt (deraadt@
)
posted
to tech@
regarding restrictions on the
addresses from which system calls can be made.
In addition to providing background,
the post contains information (and a patch)
for an imminent change - the introduction of a new
syscall,
pinsyscalls(2)
[link not working at the time of writing because change not yet committed],
which specifies the addresses from which individual
system calls are permitted.
pinsyscalls(2)
will be called only from
the shared library linker,
ld.so(1)
.
(Comments are closed)
By Jorden Verwer (82.217.51.248) on
Actually, it's pinsyscall, not pinsyscalls. That's also why the link to the man page doesn't work.
Comments
By brynet (Brynet) brynet@openbsd.org on https://brynet.ca/
...
+.Sh NAME
+.Nm pinsyscalls
+.Nd pin system call entry to precise positions in the address space
By rueda (rueda) on https://www.openbsdfoundation.org/donations.html
No (sorry!). If you read the patch attached to Theo's post, you'll see that pinsyscalls(2) is new and distinct.
By Jorden Verwer (46.22.182.224) on
Ah yes, you are both right. I only read the running text of the email, not the patch. The patch mentions pinsyscalls, but the description only mentions pinsyscall. Obviously the patch is what really matters. Apologies for the confusion!