How Apple is constantly refactoring the Darwin kernel to isolate security-sensitive components and bring XNU (a little bit) closer to its microkernel roots.
Since around the iPhone 12, Apple has extended the already formidable enhancements of Apple silicon to provide groundbreaking kernel security enhancements available on no other platform.
This talk discusses the gradual evolution process and its impact on system security. Starting at the basics with KTRR, through APRR and PPL, and onwards to SPRR, GXF, SPTM, TXM, and, finally, exclaves, conclaves and the new user-mode TPRO. We'll sort out the many acronyms and discuss both the assembly-level changes and how these features are integrated into XNU, AMFI and more.