[PLUG-ANNOUNCE] September PLUG Meeting: Hardware-Assisted Fine-Grained Control-Flow Integrity: Adding Lasers to Intel's CET/IBT
Michael Dexter
dexter at pdxlinux.org
Mon Aug 30 18:47:46 UTC 2021
Portland Linux/Unix Group General Meeting Announcement
Who: João Corrêa
What: Hardware-Assisted Fine-Grained Control-Flow Integrity: Adding
Lasers to Intel's CET/IBT
Where: https://li584-253.members.linode.com/PLUG
When: Thursday, September 2nd 2021 at 7pm Pacific
Why: The pursuit of technology freedom
This talk presents FineIBT, a compiler-based enhancement that enables
fine-grained forward-edge Control-Flow Integrity (CFI) policies on top
of Intel's Control-flow Enforcement Technology (CET). By combining the
new hardware features with compiler instrumentation, FineIBT anchors
indirect control transfers to sanity checks, enabling policies more
restrictive than those supported solely by CET and increasing its
effectiveness against control-flow hijacking attacks. An evaluation
through custom benchmarks shown that FineIBT provides similar security
guarantees with less performance costs when compared to Clang CFI,
retaining its penalty between 1% and 7% while the latter added overheads
between 5% and 53%. Beyond that, FineIBT also has other perks, such as
benefiting from the CET's hardening against transient execution attacks
and not depending on Link-Time Optimizations. This talk will explore the
FineIBT implementation recently sent to the kernel-hardening mailing
list, then discuss specific scenarios, such as how it could be used in
the Linux kernel, possible improvements and expected challenges.
Technical reference:
https://www.openwall.com/lists/kernel-hardening/2021/02/11/1
Joao is an Offensive Security Researcher at Intel. His research
interests are mostly focused in compiler-enabled features and analyses,
but he will normally be down to chat about anything that involves
binaries. Joao holds a PhD from the University of Campinas, where he
worked on kCFI, a Control-Flow Integrity implementation for the Linux
kernel (featured at Black Hat Asia 2017) and he also spent some time
working for SUSE, where he bootstrapped the development of libpulp, an
user-space live patching framework (featured at Linux Developers
Conference Brazil 2019 and SUSE Labs Conference 2018).
PLUG is open to everyone and does not tolerate abusive behavior on its
mailing lists or at its meetings.
PLUG Page with information about all PLUG events: https://pdxlinux.org/
Follow PLUG on Twitter: http://twitter.com/pdxlinux
Michael Dexter
PLUG Volunteer
More information about the PLUG-announce
mailing list