Bryan Steele is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse.
If you don't, you can sign up here.
Interesting technique by Todd Mortimer to reduce the number of gadgets on x86 even further: https://marc.info/?l=openbsd-tech&m=150869222214001&w=2 #OpenBSD #clang
Follow-up x86 "ROP friendly" gadget reduction framework for #clang, which can be extended. Impressive work by Todd Mortimer! 😎 https://marc.info/?l=openbsd-cvs&m=152495643720502&w=2 #OpenBSD
Todd Mortimer just landed his #RETGUARD mitigation work (aka #clang -fret-protector) into #OpenBSD -current, and enabled by default.
This uses OpenBSD's random-data memory feature, which was used by the stack protector to provide per shared object cookies.
https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/libexec/ld.so/SPECS.randomdata
https://www.openbsd.org/innovations.html
"In this way RETGUARD is an improved stack protector, since the cookies are per-function."
"In the kernel, this has the effect of removing approximately 50% of total #ROP gadgets, and 15% of unique ROP gadgets compared to the 6.3 release kernel." #OpenBSD
😎