Changes made to OpenBSD to further protect process memory

Theo de Raadt has added a series of patches to the OpenBSD codebase to further protect user-space process memory. Developers are offered a new system call, mimmutable, and a library function of the same name, which fixes the access permissions of memory mappings. Once fixed, the permissions set for a memory region, for example a prohibition on writing and execution, cannot be changed by subsequent calls to the mmap(), mprotect() and munmap() functions; any attempt to change them generates an EPERM error.
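The behaviour described above, as an added example that is not code from the OpenBSD patches: a page is dropped to read-only, locked, and a later mprotect() upgrade is refused. The helper name try_upgrade and the sample string are hypothetical; the mimmutable(addr, len) call assumes OpenBSD 7.3 or later, and on other systems the locked case simply reports ENOSYS.

```c
#define _DEFAULT_SOURCE   /* exposes MAP_ANON on glibc; harmless on OpenBSD */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/*
 * Map one page, drop it to read-only, optionally lock it with mimmutable(),
 * then try to regain write access. Returns 0 if the upgrade was allowed,
 * otherwise the errno that stopped it (ENOSYS where mimmutable() is absent).
 * Returns -1 if the setup itself failed.
 */
int try_upgrade(int lock)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_ANON | MAP_PRIVATE, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    strcpy(p, "constructed sample data");   /* page is still writable here */
    if (mprotect(p, len, PROT_READ) == -1) {
        munmap(p, len);
        return -1;
    }
    if (lock) {
#ifdef __OpenBSD__
        /* Assumes OpenBSD 7.3+: freeze the current permissions (read-only). */
        if (mimmutable(p, len) == -1) {
            int e = errno;
            munmap(p, len);
            return e;
        }
#else
        munmap(p, len);
        return ENOSYS;                       /* no mimmutable() on this system */
#endif
    }
    /* The step an attacker with a write primitive would need: R -> RW. */
    int rc = mprotect(p, len, PROT_READ | PROT_WRITE) == -1 ? errno : 0;
    /* On a locked region munmap() is refused as well; the page lives until exit. */
    munmap(p, len);
    return rc;
}

int main(void)
{
    printf("unlocked: upgrade result %d\n", try_upgrade(0));
    printf("locked:   upgrade result %d (EPERM is %d)\n", try_upgrade(1), EPERM);
    return 0;
}
```

Because a locked region cannot be unmapped either, the call suits mappings that live for the whole process, not short-lived buffers.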

A new Mutable BSS section (.openbsd.mutable, Mutable Block Starting Symbol) has been proposed to control whether the permissions of mapped memory can be changed for object files, and new flags PF_MUTABLE and UVM_ET_IMMUTABLE have been added. The linker has gained support for defining "openbsd.mutable" sections and placing them in a separate area of the BSS aligned to a memory page boundary. A call to the mimmutable function can mark all mapped regions as immutable, with the exception of sections marked as "openbsd.mutable". The new feature will be rolled out to users in the OpenBSD 7.3 release.

Source: opennet.ru
