Exploit Methods/Reused code chunks
From Linux Kernel Security Subsystem
Revision as of 22:10, 4 May 2016 by KeesCook
This is more generally known as Return Oriented Programming (ROP) or Jump Oriented Programming (JOP), but ultimately boils down to using the kernel's own executable memory to build a chain of gadgets in order to perform the attacker's exploit.
- compiler instrumentation for Control Flow Integrity (CFI)
- Return Address Protection, Indirect Control Transfer Protection (e.g. RAP)
- Constant blinding (to defeat JIT sprays)
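As an added illustration of the first mitigation (not code from this wiki or from any kernel), the following C emulates what compiler CFI instrumentation does automatically at every indirect call: before jumping through a function pointer, verify that the target is one of the legitimate address-taken functions of the expected type, so a corrupted pointer aimed at an arbitrary gadget is refused. The handler names and the privileged helper are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical handler type; several kernel-style callbacks share it. */
typedef int (*handler_fn)(int);

static int handler_add(int x) { return x + 1; }
static int handler_dbl(int x) { return x * 2; }

/* A function of a different signature: a legitimate handler_fn call site must
 * never reach it, even if the pointer has been overwritten to point here. */
static long privileged_op(long a, long b) { return a + b; }

/* Emulated CFI metadata: the complete set of valid targets for handler_fn.
 * A CFI-instrumented compiler builds this set itself from address-taken
 * functions of matching type. */
static const handler_fn handler_targets[] = { handler_add, handler_dbl };

/* Forward-edge check: returns 1 if fp is a permitted handler_fn target, else 0. */
int cfi_check_handler(handler_fn fp) {
    for (size_t i = 0; i < sizeof handler_targets / sizeof handler_targets[0]; i++)
        if (handler_targets[i] == fp)
            return 1;
    return 0;
}

/* Indirect call through a possibly corrupted pointer. Returns -1 on a CFI
 * violation instead of calling; an instrumented kernel would trap here. */
int call_handler_checked(handler_fn fp, int arg) {
    if (!cfi_check_handler(fp))
        return -1;
    return fp(arg);
}

int main(void) {
    /* Constructed scenario: a corrupted pointer now aims at privileged_op. */
    handler_fn corrupted = (handler_fn)privileged_op;
    printf("valid call: %d\n", call_handler_checked(handler_add, 41));
    printf("corrupted call: %d\n", call_handler_checked(corrupted, 41));
    return 0;
}
```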