Post AcnydNmyxSLixvaWvY by zhuowei@notnow.dev
 (DIR) Post #AcnydNmyxSLixvaWvY by zhuowei@notnow.dev
       2023-12-14T16:02:47.438359Z
       
       0 likes, 0 repeats
       
       @opa334 Why do forkfixes such as the one in Dopamine use C function hooking instead of e.g. registering a pthread_atfork handler? (Sorry for the really stupid question)
       
 (DIR) Post #Acq5QfUy0NH9btHaMK by saagar@federated.saagarjha.com
       2023-12-15T10:27:13.038504Z
       
       0 likes, 0 repeats
       
       @zhuowei @opa334 When all you’ve got is a hook every problem looks like a…wait, that’s not how it goes. Hmm
       
 (DIR) Post #Acq5QgIF3Agu4iKwAC by zhuowei@notnow.dev
       2023-12-15T16:28:19.990240Z
       
       0 likes, 0 repeats
       
       @saagar @opa334 When all you've got is a hook, everything hangs on a spinlock timeout. wait no (I wonder if you could, just, like, make launchd `mlock` every hooked page or something...)
       
 (DIR) Post #AcsT9yIBfAd4BvnQ1o by opa334@infosec.exchange
       2023-12-15T18:35:37Z
       
       1 likes, 0 repeats
       
       @zhuowei @saagar You cannot mlock DSC memory due to the page table being shared across processes. I recently worked on a way to do it via KRW but it for once did not solve the issue and secondly introduced another panic (which is really weird and causes me to believe I fucked something up in my attempt but idk :/). All I know the issue happens after you applied memory hooks and it triggers when any process tries to page in some address, the address itself is not part of the panic log afaik, so I can't even say for sure whether it's a DSC page or not.