OpenBSD Exploit Mitigations

Who am I?

Step 1: Avoid exploits!

The exploit that can't happen doesn't need to be mitigated!

Yeah, it's dull. But it's Really Important.

But shit happens...

If you can't prevent exploits, mitigate 'em!

"If memory has been overwritten, how does one continue?"


"Mitigations are inexpensive tweaks which increase the difficulty
of performing attack methods: 
    - Low impact on normal operation
    - Huge impact during attack scenario operation
Also, they act as a pressure towards robustness in software.
When a defect is detected, goal is to Fail Closed"
                    -- Theo de Raadt

Some OpenBSD Mitigation techniques


But things keep getting more interesting.

CISC -> RISC -> modern procs

Complexity is the enemy of quality, poor quality leads to security problems.

(...and security was probably never even thought about)

This ain't gonna be good.

Problem with pipelines

    if SSN = B goto GG
GG: inst5

What if the jump is taken, but inst2-inst4 are already in the pipeline? Here's where the magic happens.

Realistically, we don't know where this is going to end up going. Yet.

But for now... it looks like hyperthreading is a baaad idea. Just don't use it.

Nick's Rule of Don't Run Bad Code on Your Computer still applies.

And that's not changed by virtualization.

Return Oriented Programming (ROP)

Dealing with ROP