The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for Linux Security Summit to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC-7. Please select from the drop-down menu to the right to see the schedule in your preferred timezone above "Filter by Date."
Back To Schedule
Wednesday, September 29 • 11:50am - 12:35pm
(VIRTUAL) Hardware-Assisted Fine-Grained Control-Flow Integrity: Adding Lasers to Intel's CET/IBT - Joao Moreira, Intel

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This talk presents FineIBT, a compiler-based enhancement that enables fine-grained forward-edge Control-Flow Integrity (CFI) policies on top of Intel's Control-flow Enforcement Technology (CET). By combining the new hardware features with compiler instrumentation, FineIBT anchors indirect control transfers to sanity checks, enabling policies more restrictive than those supported solely by CET and increasing its effectiveness against control-flow hijacking attacks. An evaluation through custom benchmarks shown that FineIBT provides similar security guarantees with less performance costs when compared to Clang CFI, retaining its penalty between 1% and 7% while the latter added overheads between 5% and 53%. Beyond that, FineIBT also has other perks, such as benefiting from the CET's hardening against transient execution attacks and not depending on Link-Time Optimizations. This talk will explore the FineIBT implementation recently sent to the kernel-hardening mailing list, then discuss specific scenarios, such as how it could be used in the Linux kernel, possible improvements and expected challenges. Technical reference: https://www.openwall.com/lists/kernel-hardening/2021/02/11/1

avatar for Joao Moreira

Joao Moreira

Offensive Security Researcher, Intel
Joao is an Offensive Security Researcher at Intel. His research interests are mostly focused in compiler-enabled features and analyses, but he will normally be down to chat about anything that involves binaries. Joao holds a PhD from the University of Campinas, where he worked on... Read More →

Wednesday September 29, 2021 11:50am - 12:35pm PDT
Room 402 - Chiliwack
  Refereed Presentation
  • Talk Type Virtual
  • Presentation Slides Attached Yes