John Regehr 19 Sep
memory tagging should be a game changer for C and C++; get with the program, and !!
Gok
I'm going to be that jerkface and predict that MTE won't do all that much. It's a pretty weak mitigation that requires a lot of work to adopt.
Rich Felker 19 Sep
Replying to @Gok @johnregehr
MTE requires relatively little work to adopt (I say this as someone who's adamant about not adopting invasive "hardening" snakeoil like CET) and completely closes off huge classes of vulns.
Gok 19 Sep
Replying to @RichFelker @johnregehr
I keep hearing this and I feel like I'm missing something. What classes does it completely close off? The 4-bit tags seem ridiculously easy to bypass to a motivated attacker.
The Doge Mocenigo 19 Sep
Replying to @Gok @johnregehr
It is not (only) a (weak) mitigation - it is a tool to discover bugs and vulnerabilities in the field. Testing - including smart fuzzing - does not find all memory access defects. But if MTE information is collected IN THE FIELD you find these defects and with absolute precision
Gok 19 Sep
Replying to @DogeMocenigo @johnregehr
If that was really the goal you could just opportunistically deploy (HW)Asan, which is more precise and doesn’t require replacing billions of devices.
The Doge Mocenigo 19 Sep
Replying to @Gok @johnregehr
And re: a lot of work to adopt. Link to a different version of glibc and use a compiler flag is really too much?
Gok 19 Sep
Replying to @DogeMocenigo @johnregehr
Every binary needs to be updated. And everyone that wrote their own memory allocator (i.e. every sufficiently large C project) has to do work.