If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond notes from the authors, very little information about this mitigation exists. In this blog post, we’ll explain what this syscall is, including how it’s different from prior memory protection schemes and how it works in the kernel to protect virtual memory. We’ll also describe the particular exploit scenarios that mseal helps stop in Linux userspace, such as stopping malicious permissions tampering and preventing memory unmapping attacks.
↫ Alan Cao
The goal of mseal is to, well, literally seal a part of memory and protect its contents from being tampered with. It makes regions of memory immutable so that while a program is running, its memory contents cannot be modified by malicious actors. This article goes into great detail about this new feature, explaining how it works and what it means for security in the Linux kernel.
Excellent light reading for the weekend.
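As an added example (not code from this post or from the linked article), the C program below seals one page and then attempts the two operations the quote names, a permission change and an unmapping, checking that both fail with EPERM. The helper name `check_mseal` and the result enum are hypothetical; the program assumes Linux and reports "unavailable" when the kernel predates 6.10 or otherwise rejects the call.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_mseal
#define __NR_mseal 462   /* syscall number assigned to mseal in Linux 6.10 */
#endif

/* Hypothetical result codes for this example. */
enum seal_result { SEAL_UNAVAILABLE = 0, SEAL_ENFORCED = 1, SEAL_NOT_ENFORCED = 2 };

/* Hypothetical helper: seal one anonymous page, then try a permission change
 * and an unmapping on it, and report how the kernel responded. */
static enum seal_result check_mseal(void)
{
    long page = sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, (size_t)page, PROT_READ,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return SEAL_UNAVAILABLE;

    /* libc may not ship a wrapper yet, so use syscall(2); flags must be 0. */
    if (syscall(__NR_mseal, p, (size_t)page, 0UL) != 0) {
        munmap(p, (size_t)page);   /* older kernel, 32-bit, or filtered call */
        return SEAL_UNAVAILABLE;
    }

    /* Permission tampering: making the read-only page writable must fail. */
    int prot_blocked = mprotect(p, (size_t)page, PROT_READ | PROT_WRITE) == -1
                       && errno == EPERM;

    /* Unmapping: removing the sealed mapping must fail as well. */
    int unmap_blocked = munmap(p, (size_t)page) == -1 && errno == EPERM;

    /* The sealed page deliberately stays mapped until the process exits. */
    return (prot_blocked && unmap_blocked) ? SEAL_ENFORCED : SEAL_NOT_ENFORCED;
}

int main(void)
{
    static const char *msg[] = { "mseal unavailable on this kernel",
                                 "seal enforced: mprotect and munmap got EPERM",
                                 "seal NOT enforced" };
    puts(msg[check_mseal()]);
    return 0;
}
```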
On the one hand, this helps mitigate some threat vectors, but on the other hand the flaws this is meant to address wouldn’t exist if we switched to safe languages in the first place. It’s one of those things where we know that we can do better, but we choose to keep using unsafe languages and vulnerable code by focusing instead on mitigations to make exploits harder. Making exploits harder is not a bad goal, but I’d rather see more “fixing” instead of more “mitigations”.