all InfoSec news
FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch Tracking. (arXiv:2303.16353v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
We present the design, implementation, and evaluation of FineIBT: a CFI
enforcement mechanism that improves the precision of hardware-assisted CFI
solutions, like Intel IBT and ARM BTI, by instrumenting program code to reduce
the valid/allowed targets of indirect forward-edge transfers. We study the
design of FineIBT on the x86-64 architecture, and implement and evaluate it on
Linux and the LLVM toolchain. We designed FineIBT's instrumentation to be
compact, and incur low runtime and memory overheads, and generic, so as to …
architecture arm code control design edge enforcement evaluation flow forward hardware instrumentation instrumenting intel linux llvm low memory policies program runtime solutions study support tracking valid x86