Another motivation for CFG: return-oriented programming

This commit is contained in:
Dr. Koutheir Attouchi 2020-08-20 18:54:40 -04:00 committed by GitHub
parent e15510ca33
commit 6fca004ba9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -19,8 +19,9 @@ CFG functionality is completely implemented in the LLVM backend and is supported
## When to use Control Flow Guard
The primary motivation for enabling CFG in Rust is to enhance security when linking against non-Rust code, especially C/C++ code. To achieve full CFG protection, all indirect calls (including any from Rust code) must have the appropriate CFG checks, as added by this flag. CFG can also improve security for Rust code that uses the `unsafe` keyword
The primary motivation for enabling CFG in Rust is to enhance security when linking against non-Rust code, especially C/C++ code. To achieve full CFG protection, all indirect calls (including any from Rust code) must have the appropriate CFG checks, as added by this flag. CFG can also improve security for Rust code that uses the `unsafe` keyword.
Another motivation behind CFG is to harden programs against [return-oriented programming (ROP)](https://en.m.wikipedia.org/wiki/Return-oriented_programming) attacks. CFG disallows an attacker from taking advantage of the programs own instructions while redirecting control flow in unexpected ways.
## Overhead of Control Flow Guard