[RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
tycho at tycho.ws
Wed Apr 17 19:52:13 UTC 2019
On Wed, Apr 17, 2019 at 12:49:04PM -0700, Andy Lutomirski wrote:
> I also proposed using a gcc plugin (or upstream gcc feature) to add
> some instrumentation to any code that pops RSP to verify that the
> resulting (unsigned) change in RSP is between 0 and THREAD_SIZE bytes.
> This will make ROP quite a bit harder.
I've been playing around with this for a bit, and hope to have
something to post Soon :)
More information about the Linux-security-module-archive