Date: Wed, 18 Nov 2015 05:10:08 +0300 From: Solar Designer <solar@...nwall.com> To: Jeff Law <law@...hat.com> Cc: Bernd Schmidt <bschmidt@...hat.com>, oss-security@...ts.openwall.com, Florian Weimer <fweimer@...hat.com> Subject: Re: Fwd: x86 ROP mitigation On Tue, Nov 17, 2015 at 10:34:46AM -0700, Jeff Law wrote: > I don't think anyone believes this stuff will make a significant > difference *at this stage*. Thus, we aren't planning announcements or > any promotion of the work. > > The obvious idea is to keep knocking off sources of ROP gadgets, > hopefully reaching a point where ROP gadgets are reasonably hard to find > & exploit in GCC generated code at some point in the future. > > As each bundle of work reaches completion, it will be submitted to the > appropriate project (GCC & binutils). There's no value in holding back > any particular mitigation technique. They'll just keep dropping as > they're completed. This approach makes sense to me, but I think we should have a better idea of whether and how "a point where ROP gadgets are reasonably hard to find & exploit" is potentially reachable. If it is not even potentially reachable, then this undermines the effort, unfortunately. Also, "hard" might be a wrong goal. More important is making attacks less reliable or/and less generic, such as through forcing them to be more complex or/and to rely on more aspects of the target system. Overall, this might be a worthwhile effort - it's just that I'd like to see a more convincing potential plan early on, even if the individual mitigations would be getting upstreamed one by one (as they should be). Thanks, Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ