[PATCH] Insert random noops to increase security against ROP attacks (llvm)
Chandler Carruth
chandlerc at google.com
Mon Jan 5 19:04:13 PST 2015
On Mon, Jan 5, 2015 at 6:53 PM, PaX Team <pageexec at gmail.com> wrote:
> On 5 Jan 2015 at 16:32, Stephen Crane wrote:
>
> > In a nutshell, the idea is to create functionally equivalent copies of
> > the software with different code layouts to prevent attackers from
> > knowing where the code they want to reuse is located.
>
> isn't it defeated by BROP and other techniques?
>
> http://crypto.stanford.edu/~dabo/pubs/abstracts/brop.html
> http://www.scs.stanford.edu/~sorbo/brop/bittau-brop.pdf
> http://www.ieee-security.org/TC/SP2013/papers/4977a574.pdf
I'll let Stephen and others speak for themselves, but to throw out my 2
cents -- this still seems to be a reasonable component of a
defense-in-depth approach. In particular, it is another hurdle that must be
cleared, raising the bar for any potential attacker.
Put another way, just because stack canaries can be defeated doesn't, IMO,
remove their value. I put this in the same bucket. This makes a certain
class of attacks substantially more difficult or expensive to carry out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150105/27b3362a/attachment.html>
More information about the llvm-commits
mailing list