This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: ROP and JOP attack protection
- From: Mikhail Maltsev <maltsevm at gmail dot com>
- To: Roy Leblanc <blanc at swissmail dot com>, gcc at gcc dot gnu dot org
- Date: Mon, 23 May 2016 21:25:41 +0300
- Subject: Re: ROP and JOP attack protection
- Authentication-results: sourceware.org; auth=none
- References: <trinity-fd5040b1-18e9-4b24-9ca2-afec38d0b025-1464025856143 at 3capp-mailcom-lxa09>
On 05/23/2016 08:50 PM, Roy Leblanc wrote:
> Hello all,
>
> Does GCC's code generator at this point provide protection against ROP and JOP attacks? This can be achieved by carefully controlling what opcode bytes and immediate values are produced. It can also be achieved by rewriting assembler output as you see with the AntiJOP project.
>
> More information: https://en.wikipedia.org/wiki/Return-oriented_programming
>
> -Roy
>
IIUC, this is still work in progress. Some initial support is available in GCC
6.1: https://gcc.gnu.org/ml/gcc-patches/2015-11/msg01773.html
--
Regards,
Mikhail Maltsev