> Apple Silicon Macs will enforce a restriction called “write XOR execute” (W^X). This means that chunks of memory will be designated as writable, or as executable, but never as both at the same time. Many macOS apps contain performance optimization programs that require memory to be both writable and executable, but this can lead to serious security issues. By enforcing W^X, Apple will harden Mac security at the memory level. App developers, however, won’t be left out in the cold — if they still need those optimization programs for their apps, they can use a new macOS API that provides a way to switch between write and execute permissions quickly and safely.
> W^X ("write xor execute", pronounced W xor X) is a security feature in operating systems and virtual machines. It is a memory protection policy whereby every page in a process's or kernel's address space may be either writable or executable, but not both. Without such protection, a program can write (as data "W") CPU instructions in an area of memory intended for data and then run (as executable "X"; or read-execute "RX") those instructions. This can be dangerous if the writer of the memory is malicious. W^X is the Unix-like terminology for a strict use of the general concept of executable space protection, controlled via the mprotect system call.
The JVM has worked fine on macOS and Apple Silicon for years. It's not violating W^X. The problem is an undocumented/unannounced and probably unintended change in kernel behavior.
Shouldn't this help zero in on where the issue is located? If it did not occur in the last released beta but it now exists in the released update, doesn't that significantly reduce the footprint of where to search for changes?
> The signal comes from a safe fetch, which is just a read that allows ignoring the fault as if it never happened. Such a signal is deliver synchronously, so the usual restrictions for asynchronous signal handlers do not apply.
Java has worked great on Apple Silicon since release and it’s still working great now for most users. The linked post explains that Java is already using the W^X modes but there’s an edge case involving page faults while the JIT is updating pages, which to me seems suspiciously like an attempted security improvement which needed better testing:
Most of the time with these update problems it's way more specific than that. It'll be an Apple silicon chip with a very specific system state, creating a low number of high profile errors that are indistinguishable from random.
It's still often a good idea to wait a few days or weeks before updating just in case you're caught by the bugs, but the rates of errors are usually much lower than the mainstream media reporting would lead you to believe.
> Write XOR execute (W^X)
> Apple Silicon Macs will enforce a restriction called “write XOR execute” (W^X). This means that chunks of memory will be designated as writable, or as executable, but never as both at the same time. Many macOS apps contain performance optimization programs that require memory to be both writable and executable, but this can lead to serious security issues. By enforcing W^X, Apple will harden Mac security at the memory level. App developers, however, won’t be left out in the cold — if they still need those optimization programs for their apps, they can use a new macOS API that provides a way to switch between write and execute permissions quickly and safely.
And the nature of W^X - https://en.wikipedia.org/wiki/W%5EX
> W^X ("write xor execute", pronounced W xor X) is a security feature in operating systems and virtual machines. It is a memory protection policy whereby every page in a process's or kernel's address space may be either writable or executable, but not both. Without such protection, a program can write (as data "W") CPU instructions in an area of memory intended for data and then run (as executable "X"; or read-execute "RX") those instructions. This can be dangerous if the writer of the memory is malicious. W^X is the Unix-like terminology for a strict use of the general concept of executable space protection, controlled via the mprotect system call.
---
See also Porting just-in-time compilers to Apple silicon - https://developer.apple.com/documentation/apple-silicon/port...
And W^X now mandatory in OpenBSD (8 years ago : https://news.ycombinator.com/item?id=11789169 )