Re: ROP Exploitation in openbsd-64 Programs After Removing ROP Gadgets

2023-09-21 Thread Peter N. M. Hansteen
On Fri, Sep 22, 2023 at 12:50:37PM +0800, Nan ZoE wrote: > Because, as far as I understand, these ROP mitigation mechanisms seem to > have been updated only in the three versions of OpenBSD, namely 6.3 to 6.5 > . Of course, I have also studied some > programs under

Re: ROP Exploitation in openbsd-64 Programs After Removing ROP Gadgets

2023-09-21 Thread Nan ZoE
Because, as far as I understand, these ROP mitigation mechanisms seem to have been updated only in the three versions of OpenBSD, namely 6.3 to 6.5 . Of course, I have also studied some programs under OpenBSD 6.5, and many of them still seem to have the potential

Re: OpenBSD Wireguard implementation not copying ToS from inner to outer WG header

2023-09-21 Thread Andrew Lemin
On Fri, Sep 22, 2023 at 12:27 PM David Gwynne wrote: > On Mon, Sep 18, 2023 at 12:47:52PM -, Stuart Henderson wrote: > > On 2023-09-17, Andrew Lemin wrote: > > > I have been testing the Wireguard implementation on OpenBSD and noticed > > > that the ToS field is not being copied from the

Re: ROP Exploitation in openbsd-64 Programs After Removing ROP Gadgets

2023-09-21 Thread fro
Why are you targeting 6.4? That was released in 2018. So, that's 5 years and 9 releases since then and another one is happening soon.       Sent: Thursday, September 21, 2023 at 8:50 AM From: "Nan ZoE" To: misc@openbsd.org Subject: ROP Exploitation in openbsd-64 Programs After Removing ROP

Re: OpenBSD Wireguard implementation not copying ToS from inner to outer WG header

2023-09-21 Thread David Gwynne
On Mon, Sep 18, 2023 at 12:47:52PM -, Stuart Henderson wrote: > On 2023-09-17, Andrew Lemin wrote: > > I have been testing the Wireguard implementation on OpenBSD and noticed > > that the ToS field is not being copied from the inner unencrypted header to > > the outer Wireguard header,

Re: ROP Exploitation in openbsd-64 Programs After Removing ROP Gadgets

2023-09-21 Thread Theo de Raadt
There is no comprehensive & final solution for RET polymorphism due to variable-sized instruction architecture, and the only solution is to move to fixed-sized architectures where all RETs can be protected and ROP-free therefore becomes possible. The best we can do is reduce it. The ability to

Re: OpenBSD disk I/O read and write

2023-09-21 Thread Alessandro Baggi
Il 21/09/23 13:47, Stuart Henderson ha scritto: On 2023-09-21, Alessandro Baggi wrote: Hi list, I'm trying to read I/O read and write value. Currently I'm using iostat but I can't understand if the speed in MB/s is relative to write or read ops. In+out combined. There is a way to get

Re: OpenBSD disk I/O read and write

2023-09-21 Thread Stuart Henderson
On 2023-09-21, Alessandro Baggi wrote: > Hi list, > I'm trying to read I/O read and write value. Currently I'm using iostat > but I can't understand if the speed in MB/s is relative to write or read > ops. In+out combined. > There is a way to get these 2 values separately? systat io, or it's

OpenBSD disk I/O read and write

2023-09-21 Thread Alessandro Baggi
Hi list, I'm trying to read I/O read and write value. Currently I'm using iostat but I can't understand if the speed in MB/s is relative to write or read ops. There is a way to get these 2 values separately? Thank you in advance. Alessandro.