|
|
|
|
|
|
by muricula
2157 days ago
|
|
|
I haven't read the whole paper, but this has a section on performance and a security analysis of the hardware feature:
https://sci-hub.tw/10.1145/3337167.3337175 CET has two parts, a forwards edge protection (indirect jumps and calls like those necessary to execute a C++ virtual function, a Go interface function, or a Rust trait function), and a backwards edge protection to protect against Return Oriented Programming (overwriting the return address to attacker chosen code). If I recall correctly, Windows will only use the backwards edge protection, since they already have a superior technology for forwards edge protection (CFG and XFG). The backwards edge protection has an impact of 1.65% according to that paper. Forwards edge protection had no impact. I have to say, this is well worth it. |
|
|