Hardening C Against ROP: Getting CET Shadow Stacks Working


This post shows you how to use CET user shadow stacks on Linux. CET is a hardening technology that mitigates typical memory unsafety issues on x86. This post will not explain this security feature. If you don’t know what CET is, this post is probably not for you. For general advice on hardening C/C++, check out these guidelines.

- Linux 6.6 or later with CONFIG_X86_USER_SHADOW_STACK=y
- glibc 2.39 or later
- A CPU supporting CET shadow stacks: Intel Tiger Lake or later (?)

Compile this program with -fcf-protection=return (or full) to enable shadow stack support:
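A check for whether the shadow stack is actually active in a running process, as an added example that is not the program from the original post. It relies on the x86_Thread_features line that kernels with user shadow stack support expose in /proc/<pid>/status; the file name shstk_check.c and the sample text are constructed for illustration.

```c
/* Added example, not from the original post.
 * Build: gcc -fcf-protection=return shstk_check.c -o shstk_check */
#include <stdio.h>
#include <string.h>

/* Constructed sample of the two lines a shadow-stack-capable kernel adds. */
static const char SAMPLE_STATUS[] =
    "Name:\tdemo\n"
    "x86_Thread_features:\tshstk \n"
    "x86_Thread_features_locked:\tshstk \n";

/* Return 1 if the "x86_Thread_features:" line of a /proc/<pid>/status
 * text lists `feat` as a whole token, 0 otherwise (including when the
 * line is absent, i.e. no kernel support). */
int status_has_feature(const char *status, const char *feat)
{
    static const char key[] = "x86_Thread_features:";
    size_t flen = strlen(feat);
    const char *line = status;
    while (line && *line) {
        /* The ':' in key keeps "x86_Thread_features_locked:" from matching. */
        if (strncmp(line, key, sizeof key - 1) == 0) {
            const char *p = line + sizeof key - 1;
            while (*p && *p != '\n') {
                p += strspn(p, " \t");
                size_t n = strcspn(p, " \t\n");
                if (n > 0 && n == flen && memcmp(p, feat, n) == 0)
                    return 1;
                p += n;
            }
            return 0; /* line present, feature not listed */
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return 0;
}

int main(void)
{
    static char buf[16384];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 2; }
    buf[fread(buf, 1, sizeof buf - 1, f)] = '\0';
    fclose(f);
    int on = status_has_feature(buf, "shstk");
    printf("sample: %d, this process: %d\n", status_has_feature(SAMPLE_STATUS, "shstk"), on);
    return on ? 0 : 1;
}
```

The exit status is 0 only when the running process itself has the shadow stack enabled, so the binary can be used as a smoke test in a build or deployment pipeline.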
