On 5/13/19 3:48 PM, Zack Vu wrote:
> Given that essentially no CPUs today support CET and given that CPUs
> remain deployed for perhaps 10 years, even more considering that CPU
> performance has plateaued, isn't there a moral imperative
> to mitigate ROP attacks using approaches other than just CET?
> The two I mentioned would help in the short term; no need to wait many years.
Red Hat's decision was to not focus on ROP mitigation in the compiler,
but instead to focus on being CET ready.  This was after looking very
seriously at ROP mitigations as well as CET timeframes.


Your priorities may differ.  The GCC project welcomes implementations of
usable mitigations.  The really hard part is getting enough mitigations
in place to actually spoil ROP attacks in a meaningful way.  Nibbling on
the edges doesn't really get you anywhere.

jeff
