Some of our #OpenBSD anti-ROP #research ended up on lobsters: https://lobste.rs/s/xclcel/final_return_for_openbsd_anti_return
#BSD #FreeBSD #NetBSD #DragonFlyBSD #Linux #Unix #Illumos #compiler #compilers #GCC #LLVM #Clang
By the way, our first two publications on evaluating #OpenBSD mitigations are out. Both of these papers evaluate some amd64 anti-ROP mitigations: specifically changing the register selection order and semantically equivalent rewriting of instructions that may produce a potential polymorphic gadget instruction. This tracks a paper by mortimer@ back in 2019 at AsiaBSDCon.
The TL;DR is "OpenBSD can shrink binaries a little and gain a little performance without any security loss simply by reverting these mitigations." The mitigations did not hold up to independent evaluation.
The first paper did an exact 1:1 port of these mitigations to FreeBSD and found that register reallocation eliminates only about 0.3% of unique gadgets, for a 0.5% increase in binary size (mortimer@ claimed 6% reduction and "entirely free"). It is useless at best but more likely actively detrimental, as it produces a false sense of security. It also found the instruction rewriting reduces unique gadgets by about 3.5% with a binary size increase of about 1.8% (mortimer@ claimed 5% reduction with 0.15% binary size increase).
We then did a separate implementation of the instruction rewriting mitigation to GCC in the second paper. Our GCC implementation does the older <xchg; op; xchg> dance, as that's what mortimer@'s paper described. This is way worse; producing about a 3% performance hit for no security benefit at all.
The only part of both mitigations worth saving is for basic arithmetic, OpenBSD LLVM now takes advantage of the fact that basic arithmetic has two forms. For example, the newer instruction rewriting mitigation turns
addq %rax, %rbx (48 01 c3)
into
{load} addq %rax, %rbx (48 03 d8)
The new instruction rewriting mitigation is genuinely free in terms of binary size and execution speed, but doesn't move the security needle, so this one can stay as it is harmless. Other rewritings still have the flaw of increasing binary size and reducing performance for no security benefit.
Anyhow feel free to read the papers:
https://ieeexplore.ieee.org/abstract/document/11458911
https://www.researchgate.net/publication/405728967_A_Final_Return_for_OpenBSD_Anti-Return-Oriented_Programming_Mitigations
#BSD #FreeBSD #NetBSD #DragonFlyBSD #Linux #Unix #security #cybersecurity
A new #blog post appears!
I didn't want to write it, so I (basically) didn't.
New #blog post alert!
I muse about research some of my grad students and I did around independently evaluating some #OpenBSD anti-ROP mitigations, and I bid farewell to being an OpenBSD developer.
https://briancallahan.net/blog/20260322.html
#freebsd #netbsd #dragonflybsd #bsd #unix #linux #compiler #compilers #rop #research
oksh-7.8 is out! Sorry for the delay; was away at conferences.
https://github.com/ibara/oksh/releases/tag/oksh-7.8
#openbsd #netbsd #freebsd #dragonflybsd #bsd #linux #unix #solaris #illumos #macos #macosx #osx #aix #haiku #shell #ksh #oksh #sh #freesoftware #opensource #opensourcesoftware #oss
New #blog post. Let's write a peephole optimizer for #QBE that operates on #AArch64 assembly code. Three years ago, we did this for #AMD64 assembly code. But now that I have Arm machines, we can replicate the effort for another CPU architecture.
https://briancallahan.net/blog/20250901.html
#compiler #compilers #opensource #freesoftware #unix #bsd #freebsd #openbsd #netbsd #dragonflybsd #linux #illumos #macos #assembler #assembly
Two #blog posts in less than one week!
It was considered known that there is no support within GNAT (Ada) for illumos. We cross-build a complete native binutils+gcc toolchain for illumos to test out this claim.
...only to discover that illumos has full support within GNAT. Not a single test fails.
https://briancallahan.net/blog/20250817.html
#Ada #illumos #GNAT #GCC #GNU #freesoftware #unix #bsd #freebsd #openbsd #netbsd #dragonflybsd #linux #compiler #compilers
A new #blog post appears!
I discovered that the GNU D compiler has been broken on FreeBSD 14 for over a year and it seems no one noticed. Let's discover the issue and brainstorm some solutions to it.
A great case study for why operating system package maintainers matter.
https://briancallahan.net/blog/20250813.html
#dlang #dlanguage #freebsd #bsd #openbsd #netbsd #dragonflybsd #unix #gcc #gdc #gnu #compiler #compilers #d #linux #opensource #freesoftware
Mfw some good software by @cadey just randomly appears in my YouTube shorts feed: https://www.youtube.com/shorts/qcosij0dZcU
(It's about Anubis: https://anubis.techaro.lol/)
Finally got around to refactoring my little NYT Spelling Bee clone. No functional difference: https://github.com/ibara/freebee-cli/releases/tag/v3.1
I am building gcc-15.1.0 on my iMac G4 (Tiger) machine. It is on stage2, which is a good sign.
It will include C, C++, Fortran, Modula-2, Objective C, and Objective C++ compilers.
It will depend on my new PowerPC Mac OS X modernization library, libpcc: https://github.com/ibara/libppc
I'll write a blog post about how to use it once it is all compiled; my goal is to produce a turnkey solution that just works(TM), including assembler, linker, and other utilities, as recent as possible for PowerPC.
And libppc can be instantly extendable to incorporate more C11 and later features. Hopefully others in the retro Mac community are interested in building that up with me.
My ultimate goal is to build some flavor of WebKit some day and have a modern web experience (even if slow, and possibly using X11). But in the meantime we will probably build a lot of excellent modern software to keep these machines going.
#gcc #compiler #compilers #c #unix #linux #macos #macosx #osx #apple #powerpc #retro #retrocomputing #bsd #mac #macintosh
A wild #blog post appears!
I revived pkgsrc on AIX.
(Yes, I already sent a PR to NetBSD.)
https://briancallahan.net/blog/20250516.html
#linux #unix #bsd #freebsd #openbsd #netbsd #dragonflybsd #aix #ibm #solairs #illumos #pkgsrc #opensource #freesoftware
Prof, CSSE@MU
Director, Monmouth University Cybersecurity Research Center
Former #OpenBSD developer