A return-oriented programming defense from OpenBSD

Posted Sep 11, 2017 18:40 UTC (Mon) by wahern (subscriber, #37304)
In reply to: A return-oriented programming defense from OpenBSD by itvirta
Parent article: A return-oriented programming defense from OpenBSD

From Table 1 of the Code-Pointer Integrity (2014) paper:

                   Safe Stack  CPS    CPI
-------------------------------------------
Average (C/C++)  |       0.0%   1.9%   8.4%
Median (C/C++)   |       0.0%   0.4%   0.4%
Maximum (C/C++)  |       4.1%  17.2%  44.2%
-------------------------------------------
Average (C only) |      -0.4%   1.2%   2.9%
Median (C only)  |      -0.3%   0.5%   0.7%
Maximum (C only) |       4.1%  13.3%  16.3%
-------------------------------------------
Table 1: Summary of SPEC CPU2006
performance overheads.

Safe Stack is the dual-stack mechanism. CPS(weak) and CPI (strong) are for dealing with function pointers in heap data.