Dispatches from the Empire



Kernel saunters – Apple rearranges XNU kernel with exclaves

…Apple’s development of exclaves represents a major shift in its security architecture. Essentially, Apple is trying to realize the security advantages of a microkernel without tossing the monolithic aspects of XNU.

Based on the references to exclaves in the XNU source for Apple’s Arm-compatible M4 chips and the A18 processors used in iPhone 16, our source argues that exclaves form the basis of a significant redesign of XNU’s security model.

“In iOS 18, exclaves refer to specific resources that are separated from the main iOS kernel (XNU) and cannot be accessed by it, even if the kernel is compromised,” the researcher [Random Augustine] explained in a document shared with The Register.

“These resources are predefined when the OS is built, are identified by name or id, have different types, are initialized at boot time, and are organized into unique domains.”

These resources include:

  • Shared memory buffers that can be accessed by both the kernel and the exclave, with the option to make them read-only or read-write to XNU.
  • Audio buffers and sensors that are used for securing features like the camera and microphone access indicators.
  • Conclaves that group multiple resources into their own secure domains.
  • Services that offer executable code within the exclave space when called upon by threads in XNU.

These resources are protected from XNU via enclave-specific page-types via the Secure Page Table Monitor, a hardware security functionality introduced with the arrival of the A15 chip and iOS 17. This makes Apple’s operating systems more secure by compartmentalizing sensitive services, such that the compromise of one doesn’t provide access to the entire kernel address space.
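To make the page-type idea concrete, here is a small C model added for this post; it is not Apple's SPTM or XNU code, and the resource names, ids, page types and the policy are all assumptions made for the illustration. It shows the property the excerpt describes: the access decision and the ability to retype a page both live in a monitor outside the kernel, so a compromised XNU can neither read an exclave-private page nor relabel it to grant itself access, while shared buffers stay reachable with whatever read-only or read-write right was fixed at build time.

```c
/* Toy model of monitor-enforced page types for exclave resources.
 * Added illustration, not Apple's SPTM or XNU code: the names, types
 * and policy below are assumptions made for the example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Page types the (hypothetical) monitor tracks. Only the monitor may
 * change a page's type; XNU cannot edit these entries directly. */
enum page_type {
    PT_XNU,             /* ordinary kernel memory, XNU reads and writes */
    PT_EXCLAVE_PRIVATE, /* exclave-owned, never mapped for XNU at all  */
    PT_SHARED_RO,       /* shared buffer, XNU may only read it          */
    PT_SHARED_RW        /* shared buffer, XNU may read and write it     */
};

enum domain { DOM_XNU, DOM_EXCLAVE };

struct page {
    const char *name;   /* resource name, fixed when the "OS" is built */
    int id;
    enum page_type type;
    enum domain owner;  /* domain allowed to ask the monitor to retype */
};

/* Constructed resource table standing in for build-time exclave resource
 * definitions; every entry is invented for the example. */
#define NPAGES 4
static struct page pages[NPAGES] = {
    { "xnu.heap",          0, PT_XNU,             DOM_XNU     },
    { "exclave.mic.state", 1, PT_EXCLAVE_PRIVATE, DOM_EXCLAVE },
    { "exclave.audio.buf", 2, PT_SHARED_RO,       DOM_EXCLAVE },
    { "exclave.ipc.ring",  3, PT_SHARED_RW,       DOM_EXCLAVE },
};

struct page *page_by_id(int id) {
    for (size_t i = 0; i < NPAGES; i++)
        if (pages[i].id == id) return &pages[i];
    return NULL;
}

/* Monitor policy: may domain d read (write=false) or write page p?
 * The owning domain has full access to its own pages; XNU's rights on
 * exclave pages depend solely on the type the monitor has recorded. */
bool monitor_allows(enum domain d, const struct page *p, bool write) {
    if (p == NULL) return false;
    if (d == p->owner) return true;
    if (d != DOM_XNU) return false;      /* exclave never touches XNU-owned pages here */
    switch (p->type) {
    case PT_SHARED_RW: return true;
    case PT_SHARED_RO: return !write;
    default:           return false;     /* PT_EXCLAVE_PRIVATE: no mapping for XNU */
    }
}

/* Retype request. The monitor refuses unless the requester owns the page,
 * so a compromised XNU cannot relabel exclave memory to grant itself access. */
bool monitor_retype(enum domain requester, struct page *p, enum page_type new_type) {
    if (p == NULL || requester != p->owner) return false;
    p->type = new_type;
    return true;
}

/* Scenario wrappers: XNU (possibly compromised) or the exclave acts on a resource id. */
bool xnu_access(int id, bool write)                  { return monitor_allows(DOM_XNU, page_by_id(id), write); }
bool xnu_retype(int id, enum page_type new_type)     { return monitor_retype(DOM_XNU, page_by_id(id), new_type); }
bool exclave_retype(int id, enum page_type new_type) { return monitor_retype(DOM_EXCLAVE, page_by_id(id), new_type); }

int main(void) {
    for (size_t i = 0; i < NPAGES; i++)
        printf("%-18s id=%d xnu read=%d write=%d\n", pages[i].name, pages[i].id,
               xnu_access(pages[i].id, false), xnu_access(pages[i].id, true));
    /* A compromised kernel cannot make the mic state readable by relabeling it. */
    printf("xnu retype of mic state: %s\n",
           xnu_retype(1, PT_SHARED_RW) ? "ALLOWED (policy bug)" : "refused");
    return 0;
}
```

The point of the model is where the checks sit: `monitor_allows` and `monitor_retype` are the only paths to an exclave page, and neither trusts the kernel's own view of what it may touch. Only the owning domain (here the exclave) can change a page's type, which is what lets a shared buffer be handed to XNU read-only or read-write without the kernel being able to widen that grant on its own.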

Fascinating.

The obvious reason Apple would undertake this work is to improve security generally, which benefits the super-corp and its customers. The less obvious reason is that AI workloads running on-device and communicating with Apple’s Private Cloud Compute infrastructure potentially expand the attack surface, so it makes sense to limit the blast radius of an attack by adopting a more microkernel-like architecture, where compromising one compartment does not hand an attacker the whole kernel.