[PLUG] TONIGHT! PLUG Meeting: Hardware-Assisted Fine-Grained Control-Flow Integrity: Adding Lasers to Intel's CET/IBT

Michael Dexter dexter at pdxlinux.org
Thu Sep 2 18:20:12 UTC 2021


Portland Linux/Unix Group General Meeting Announcement

Who: João Corrêa
What: Hardware-Assisted Fine-Grained Control-Flow Integrity: Adding 
Lasers to Intel's CET/IBT
Where: https://li584-253.members.linode.com/PLUG
When: Thursday, September 2nd 2021 at 7pm Pacific
Why: The pursuit of technology freedom

This talk presents FineIBT, a compiler-based enhancement that enables 
fine-grained forward-edge Control-Flow Integrity (CFI) policies on top 
of Intel's Control-flow Enforcement Technology (CET). By combining the 
new hardware features with compiler instrumentation, FineIBT anchors 
indirect control transfers to sanity checks, enabling policies more 
restrictive than those supported solely by CET and increasing its 
effectiveness against control-flow hijacking attacks. An evaluation 
through custom benchmarks shown that FineIBT provides similar security 
guarantees with less performance costs when compared to Clang CFI, 
retaining its penalty between 1% and 7% while the latter added overheads 
between 5% and 53%. Beyond that, FineIBT also has other perks, such as 
benefiting from the CET's hardening against transient execution attacks 
and not depending on Link-Time Optimizations. This talk will explore the 
FineIBT implementation recently sent to the kernel-hardening mailing 
list, then discuss specific scenarios, such as how it could be used in 
the Linux kernel, possible improvements and expected challenges. 
Technical reference: 
https://www.openwall.com/lists/kernel-hardening/2021/02/11/1

Joao is an Offensive Security Researcher at Intel. His research 
interests are mostly focused in compiler-enabled features and analyses, 
but he will normally be down to chat about anything that involves 
binaries. Joao holds a PhD from the University of Campinas, where he 
worked on kCFI, a Control-Flow Integrity implementation for the Linux 
kernel (featured at Black Hat Asia 2017) and he also spent some time 
working for SUSE, where he bootstrapped the development of libpulp, an 
user-space live patching framework (featured at Linux Developers 
Conference Brazil 2019 and SUSE Labs Conference 2018).


PLUG is open to everyone and does not tolerate abusive behavior on its 
mailing lists or at its meetings.

PLUG Page with information about all PLUG events: https://pdxlinux.org/
Follow PLUG on Twitter: http://twitter.com/pdxlinux

Michael Dexter
PLUG Volunteer



More information about the PLUG mailing list