From: "Theo de Raadt"
Subject: pinsyscalls(2)
To: tech@openbsd.org
Date: Sun, 28 Jan 2024 13:20:59 -0700

pinsyscalls(2) has gone into the tree without too much difficulty, and no issues are currently known.

None of this could have been possible without help from a few groups of people.

- gnezdo@ and others for early on reviewing the ports tree and removing (or at least reducing) calls to syscall(2)
- afresh1@, who followed my guidance and over 6 months wrote a syscall(2) emulator inside perl
- But most of all -- jsing@, who went through multiple iterations inside the go ecosystem to (1) force it to use libc system call stubs, which permitted msyscall(2), and (2) incrementally remove use of syscall(2) inside go and go libraries. The direct-syscalls-inside-the-binary model used by go (and only go, no one else in the history of unix software does this) provided the biggest resistance against this effort.

Start to end, this took 5 years.

Together with library relinking, this makes some specific low-level attack methods unfeasible on OpenBSD, which will force the use of other methods. Hopefully those other methods are more difficult, or also harmed by library relinking and other changes we've made. This is all about removing avenues, and forcing attackers to use other methods which are hopefully more challenging.