[cfe-dev] Clang Question

Bernard Moore via cfe-dev cfe-dev at lists.llvm.org
Wed Sep 11 08:14:40 PDT 2019


Hello,
I'm doing some CFI (control-flow-integrity) protection/performance testing with clang. Obviously, when compiling for x86_64 there are much more protection schemes (like -fsanitize=safe-stack) compared to ARM. My tests were done on Raspberry Pi 3 which uses an ARMv7 processor. After compiling a test program on x86_64 and ARM, I conducted some common attacks like buffer overflows, ROP, return-into-libc, and more. I conducted two tests for each architecture, one where several CFI flags were enabled (like -fstack-protector-strong and -fsanitize) and another test where no flags were used. The initial results (when no flags were used) showed that a lot of the attack forms are virtually impossible on ARM (only 14 attacks were successful, out of the hundreds of attack techniques I've tried, and the only ones where the attack was successful were return-into-libc via a function pointer either on the stack or heap). This deviates from the results when compiling for x86_64, where there were hundreds of successful attacks. 

Is this why a lot of the CFI flags are not available on ARM - because it's already quite resilient to these types of attacks? Is -fsanitize=safe-stack and other features even worth developing for ARM? Why is ARM so much more resilient to attacks that are so common on x86_64?
Thank you.
Bernie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20190911/9ce8aea4/attachment.html>


More information about the cfe-dev mailing list