Return-Oriented Programming (ROP), and similarly Call/Jump-Oriented Programming (COP/JOP), have been the prevalent attack methodology for stealth exploit writers targeting vulnerabilities in programs. Intel introduces Control-flow Enforcement Technology (CET) [1] which is a HW-based solution for protecting from gadget-based ROP/COP/JOP attacks. The new architecture deals with such attacks using Indirect Branch Tracking and Shadow Stack. The required support is implemented in LLVM and includes optimized lightweight instrumentation. This talk targets LLVM developers who are interested in new security architecture and methodology implemented in LLVM. Attendees will get familiar with basic control flow attacks, CET architecture and its LLVM compiler aspects. [1] https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
