> Wonder if the author is aware of the reasons why this was disabled (it's functionally gone on both platforms). On iOS newer processors have PAC which provides much stronger guarantees against ROP and Linux disabled it because execute-only mappings bypass PAN: https://blog.siguza.net/PAN/.
Yes, of course he is. He even mentions PAN being broken in the recording. What doesn't make sense is the Android/Linux decision to entirely abandon execute-only. Let PAN be broken, newer chips will eventually fix it in hardware (EPAN) and older chips without PAN (notably, the Raspberry Pis) still get full protection.
Yes, of course he is. He even mentions PAN being broken in the recording. What doesn't make sense is the Android/Linux decision to entirely abandon execute-only. Let PAN be broken, newer chips will eventually fix it in hardware (EPAN) and older chips without PAN (notably, the Raspberry Pis) still get full protection.