Security Mitigations: Difference between revisions

From Nintendo Switch Brew
Jump to navigation Jump to search
← Older editNewer edit →
No edit summary
Confirmed to be present on S2 19.0.0+
Line 17: Line 17:
= CFI (Control-Flow-Integrity) =
= CFI (Control-Flow-Integrity) =
Besides the CFI used by [[Internet_Browser|web-applets]], S2 sysmodules use a version of CFI which validate vtable-ptrs (the address of the ptr, without accessing the data located there). PAC is not used with this. An undefined-instruction exception is triggered on CFI failure.
Besides the CFI used by [[Internet_Browser|web-applets]], S2 sysmodules use a version of CFI which validate vtable-ptrs (the address of the ptr, without accessing the data located there). PAC is not used with this. An undefined-instruction exception is triggered on CFI failure.
This is present with sysmodules on system-version 20.x, it's unknown whether 19.0.0 has this.

Revision as of 22:44, 19 January 2026

ASLR (Address Space Layout Randomization)

ASLR for userspace is supported.

KASLR (kernel) was added with 5.0.0. PASLR (physical) was added with 10.0.0.

RelRo

Support for RelRo (read-only-relocations) was added with 17.0.0, binaries built for [17.0.0+] use this.

PAC

[S2] PAC is used for retaddrs on stack.

XOM (eXecute-Only-Memory)

Support for --X was initially added with [19.0.0+], however it's only used on S2. It's unknown when S2 enabled using this.

Sysmodules have --X .text, at least as of system-version 20.x.

CFI (Control-Flow-Integrity)

Besides the CFI used by web-applets, S2 sysmodules use a version of CFI which validate vtable-ptrs (the address of the ptr, without accessing the data located there). PAC is not used with this. An undefined-instruction exception is triggered on CFI failure.

Retrieved from "https://switchbrew.org/w/index.php?title=Security_Mitigations&oldid=14225"