Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves
- #Kernel Architecture
- #SPTM
- #iOS Security
- The XNU kernel, the basis of Apple's operating systems, is monolithic, which poses security risks.
- Apple has been moving towards a more compartmentalized kernel architecture to enhance security.
- SPTM (System Page Table Manager) introduces domains of trust by managing memory retyping and mapping rules.
- TXM (Trusted Execution Manager) handles code signing and entitlement verification, separated by SPTM domains.
- Exclaves, the latest security feature, rely on SPTM's groundwork for secure execution environments.
- Communication mechanisms include xnuproxy for secure world requests and the Tightbeam IPC framework.
- These architectural changes improve security by isolating key components, reducing risks from kernel compromises.