Contributed by rueda on from the well-cleaned-stacks dept.
Theo de Raadt (deraadt@) has committed -fret-clean for clang:
CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2024/06/02 09:40:43

Modified files:
	gnu/llvm/clang/include/clang/Driver: Options.td
	gnu/llvm/clang/lib/Driver/ToolChains: Clang.cpp
	gnu/llvm/llvm/lib/Target/X86: X86.h X86TargetMachine.cpp
	gnu/usr.bin/clang/libLLVMX86CodeGen: Makefile
	share/man/man1 : clang-local.1

Log message:
add -fret-clean option (amd64 and i386 only at first), defaulting to off.
This causes the caller to clean the return address off the stack after
a callq completes.  The option is best used in low-level libraries
(such as libc), because libc contains low-level system call stubs.
The option reduces hints (found on the stale parts of the stack) about
libc.so's mapping location, and together with random-relinking,
relro got/pic, and xonly makes some exploit methods more difficult.
ok mortimer, mlarkin, much discussion with kettenis, in snaps for 2 weeks.
See our earlier article for more discussion.
For now, this is only for amd64 and i386.
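To make the "stale parts of the stack" concrete, here is an added example (written for this article, not code from the OpenBSD commit): a caller invokes a function, then reads the word just below the stack pointer, which is the slot where `call` pushed the return address and which `ret` popped but never erased. That stale value points back into the caller's text, so when the caller is a libc syscall stub it is exactly the hint about libc.so's mapping that the commit message describes. A second caller overwrites the slot with zero immediately after the call, which is the effect -fret-clean has; the specific `movq $0, -8(%rsp)` / `movl $0, -4(%esp)` store used here is an assumption made for illustration, not necessarily the instruction sequence the compiler pass emits. The example is amd64/i386 only, like the option itself, and depends on GCC/clang inline assembly.

```c
#include <stdint.h>
#include <stdio.h>

/* Volatile side effect keeps the compiler from dropping or folding the call. */
static volatile unsigned long g_calls;

static __attribute__((noinline)) unsigned long callee(void)
{
    g_calls++;
    return g_calls;
}

/*
 * These are macros, not functions: the read must happen in the caller's
 * own frame, right after `call callee` has returned, so that the word
 * below the stack pointer is the slot the CPU used for the return address.
 * The unused "dep" input forces the asm to run after the call completes.
 */
#if defined(__x86_64__)
#define READ_BELOW_SP(dst, dep) \
    __asm__ volatile("movq -8(%%rsp), %0" : "=r"(dst) : "r"(dep) : "memory")
/* Assumed clean-up: zero the stale return-address slot (amd64). */
#define CLEAN_BELOW_SP(dep) \
    __asm__ volatile("movq $0, -8(%%rsp)" : : "r"(dep) : "memory")
#elif defined(__i386__)
#define READ_BELOW_SP(dst, dep) \
    __asm__ volatile("movl -4(%%esp), %0" : "=r"(dst) : "r"(dep) : "memory")
/* Assumed clean-up: zero the stale return-address slot (i386). */
#define CLEAN_BELOW_SP(dep) \
    __asm__ volatile("movl $0, -4(%%esp)" : : "r"(dep) : "memory")
#else
#error "this example is amd64/i386 only, like -fret-clean itself"
#endif

/* Plain caller: after the call returns, the return address is still below sp. */
__attribute__((noinline)) uintptr_t stale_return_slot(void)
{
    unsigned long r = callee();
    uintptr_t slot;
    READ_BELOW_SP(slot, r);
    return slot;
}

/* "Cleaning" caller: overwrite the slot before anything can read it. */
__attribute__((noinline)) uintptr_t cleaned_return_slot(void)
{
    unsigned long r = callee();
    uintptr_t slot;
    CLEAN_BELOW_SP(r);
    READ_BELOW_SP(slot, r);
    return slot;
}

/*
 * The leaked word is the address of the instruction following the call,
 * i.e. it lies inside stale_return_slot's own code. With ASLR that is
 * enough to recover the load base of whatever object the caller lives in.
 */
int stale_slot_points_into_caller(void)
{
    uintptr_t slot = stale_return_slot();
    uintptr_t fn = (uintptr_t)stale_return_slot;
    return slot > fn && slot < fn + 1024;
}

int main(void)
{
    printf("caller text at        %p\n", (void *)stale_return_slot);
    printf("stale return slot:    %#lx\n", (unsigned long)stale_return_slot());
    printf("cleaned return slot:  %#lx\n", (unsigned long)cleaned_return_slot());
    printf("stale slot in caller: %s\n",
           stale_slot_points_into_caller() ? "yes" : "no");
    return 0;
}
```

Run it a few times under ASLR: the stale slot changes with the mapping while its offset from the caller's text stays fixed, which is precisely what an attacker reading stale stack contents wants and what the cleaning store denies them. Note that only the slot consumed by the `ret` is cleared; anything the callee itself left in its frame (spilled registers, its own callees' return addresses) is a separate matter.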