|
|
Log in / Subscribe / Register

Control-flow integrity in 5.13

Control-flow integrity in 5.13

Posted May 22, 2021 16:17 UTC (Sat) by corbet (editor, #1)
In reply to: Control-flow integrity in 5.13 by ale2018
Parent article: Control-flow integrity in 5.13

As noted in the article, this change provides forward-edge protection. Protecting against return-address corruption (backward-edge) requires different techniques like shadow stacks.

The jump tables will be in read-only memory, which makes them a lot harder to overwrite.

to post comments

Control-flow integrity in 5.13

Posted May 25, 2021 1:33 UTC (Tue) by cypherpunks2 (guest, #152408) [Link]

PaX RAP uses a different technique which does not require shadow stacks and is more performant. Sadly it is available for customers only right now.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds