Erik Cabetas via llvm-dev
2015-Nov-12 21:52 UTC
[llvm-dev] Wrote-up a blog post explaining LLVM's SafeStack
http://blog.includesecurity.com/2015/11/LLVM-SafeStack-buffer-overflowprotection.html We thought this might be a good explanation of the feature for general developers. If there are any inaccuracies please let me know and we'll make corrections. Thanks for all the great work from pcc and the rest of the LLVM team to implement this feature into 3.8! Cheers, -Erik Cabetas- Managing Partner @IncludeSecurity <https://twitter.com/includesecurity> visit our research blog <http://blog.includesecurity.com> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20151112/76aa7a1e/attachment.html>
Yaron Keren via llvm-dev
2015-Nov-12 22:10 UTC
[llvm-dev] Wrote-up a blog post explaining LLVM's SafeStack
Nice! Should it live in http://llvm.org/docs ? 2015-11-12 23:52 GMT+02:00 Erik Cabetas via llvm-dev < llvm-dev at lists.llvm.org>:> > http://blog.includesecurity.com/2015/11/LLVM-SafeStack-buffer-overflowprotection.html > > We thought this might be a good explanation of the feature for general > developers. If there are any inaccuracies please let me know and we'll make > corrections. > > Thanks for all the great work from pcc and the rest of the LLVM team to > implement this feature into 3.8! > > Cheers, > > -Erik Cabetas- > Managing Partner > @IncludeSecurity <https://twitter.com/includesecurity> > visit our research blog <http://blog.includesecurity.com> > > _______________________________________________ > LLVM Developers mailing list > llvm-dev at lists.llvm.org > http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20151113/fe52b0f7/attachment.html>
David Chisnall via llvm-dev
2015-Nov-13 12:28 UTC
[llvm-dev] Wrote-up a blog post explaining LLVM's SafeStack
A minor correction: Code Pointer Integrity is CPI, not CFI (Control Flow Integrity is something different). If you’re claiming to talk about the weaknesses, then you should probably mention this Oakland paper, which shows how the CPI implementation that uses SafeStack can be broken: http://people.csail.mit.edu/rinard/paper/oakland15.pdf David> On 12 Nov 2015, at 21:52, Erik Cabetas via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > http://blog.includesecurity.com/2015/11/LLVM-SafeStack-buffer-overflowprotection.html > > We thought this might be a good explanation of the feature for general developers. If there are any inaccuracies please let me know and we'll make corrections. > > Thanks for all the great work from pcc and the rest of the LLVM team to implement this feature into 3.8! > > Cheers, > > -Erik Cabetas- > Managing Partner > @IncludeSecurity > visit our research blog > _______________________________________________ > LLVM Developers mailing list > llvm-dev at lists.llvm.org > http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev