CommunityNews

CommunityNews

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves

The XNU kernel is the basis of Apple’s operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in which all system functionality resides. This has security implications, as a kernel compromise has immediate and significant effects on the entire system. Over the past few years, Apple has taken steps towards a more compartmentalized kernel architecture and a more microkernel-like design. To date, there has been no scientific discussion of SPTM and related security mechanisms. Therefore, the understanding of the system and the underlying security mechanisms is minimal. In this paper, we provide a comprehensive analysis of new security mechanisms and their interplay, and create the first conclusive writeup considering all current mitigations. SPTM acts as the sole authority regarding memory retyping. Our analysis reveals that, through SPTM domains based on frame retyping and memory mapping rule sets, SPTM introduces domains of trust into the system, effectively gapping different functionalities from one another. Gapped functionality includes the TXM, responsible for code signing and entitlement verification. We further demonstrate how this introduction lays the groundwork for the most recent security feature of Exclaves, and conduct an in-depth analysis of its communication mechanisms. We discover multifold ways of communication, most notably xnuproxy as a secure world request handler, and the Tightbeam IPC framework. The architecture changes are found to increase system security, with key and sensitive components being moved out of XNU’s direct reach. This also provides additional security guarantees in the event of a kernel compromise, which is no longer an immediate threat at the highest trust level.

Read in full here:

Where Next?

Popular Ios topics Top

First poster: bot
Structured concurrency is a new term for most Swift developers. This is an attempt to decipher its meaning.
New
First poster: bot
Cisco IOS Scripting with TCL Configuration Guide, Cisco IOS XE Amsterdam 17.x - Cisco IOS XE Scripting with Tcl [Cisco IOS XE Amsterdam...
New
New
First poster: bot
Tasks in Swift explained with code examples. Tasks in Swift allow us to create an environment in which we can run async methods using aw...
New
First poster: bot
How a Saudi woman’s iPhone revealed hacking around the world. A single activist helped turn the tide against NSO Group, one of the world...
New
New
First poster: bot
swift-evolution/0366-move-function.md at main · apple/swift-evolution. This maintains proposals for changes and user-visible enhancement...
New
First poster: bot
Swift was always going to be part of the OS. Someone complained that putting Swift in the OS has only made things worse for developers. ...
New
CommunityNews
My visionOS 26 persona. The side of my head really does look like that! If visionOS and the Vision Pro are all about charting a course to...
New
New

Other popular topics Top

Exadra37
I am asking for any distro that only has the bare-bones to be able to get a shell in the server and then just install the packages as we ...
New
AstonJ
If you are experiencing Rails console using 100% CPU on your dev machine, then updating your development and test gems might fix the issu...
New
PragmaticBookshelf
Create efficient, elegant software tests in pytest, Python's most powerful testing framework. Brian Okken @brianokken Edited by Kat...
New
AstonJ
Biggest jackpot ever apparently! :upside_down_face: I don’t (usually) gamble/play the lottery, but working on a program to predict the...
New
AstonJ
If you get Can't find emacs in your PATH when trying to install Doom Emacs on your Mac you… just… need to install Emacs first! :lol: bre...
New
PragmaticBookshelf
Author Spotlight Mike Riley @mriley This month, we turn the spotlight on Mike Riley, author of Portable Python Projects. Mike’s book ...
New
New
PragmaticBookshelf
Programming Ruby is the most complete book on Ruby, covering both the language itself and the standard library as well as commonly used t...
New
PragmaticBookshelf
Author Spotlight: Karl Stolley @karlstolley Logic! Rhetoric! Prag! Wow, what a combination. In this spotlight, we sit down with Karl ...
New
hilfordjames
There appears to have been an update that has changed the terminology for what has previously been known as the Taskbar Overflow - this h...
New