On Tue, Mar 8, 2016 at 12:47 PM, Scott Bauer <sba...@eng.utah.edu> wrote:
> This patch adds a per-process secret to the task struct which
> will be used during signal delivery and during a sigreturn.
> Also, logic is added in signal.c to generate, place, extract,
> clear and verify the signal cookie.
>
Potentially silly question: it's been a while since I read the SROP paper, but would the technique be effectively mitigated if sigreturn were to zero out the whole signal frame before returning to user mode?
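The cookie scheme sketched in the quoted patch summary, modelled in user space as an added example (this is not the patch's own code; the struct names, the XOR-with-frame-address mixing and the secret value are assumptions):

```c
#include <stdint.h>
#include <string.h>
/* Constructed user-space model of the signal-cookie scheme the quoted patch
 * summary describes; not the kernel patch itself. Mixing the secret with the
 * frame address is an assumption, chosen so that a frame copied to or built
 * at any other address does not verify. */
struct task { uint64_t sig_cookie_secret; };   /* per-process secret */
struct sigframe {
    uint64_t regs[4];   /* stand-in for the saved register state */
    uint64_t cookie;    /* placed at delivery, checked at sigreturn */
};

static uint64_t sig_cookie(const struct task *t, const struct sigframe *f)
{
    return t->sig_cookie_secret ^ (uint64_t)(uintptr_t)f;
}

/* Signal delivery: the kernel writes the frame and places the cookie. */
static void deliver_signal(const struct task *t, struct sigframe *f,
                           const uint64_t regs[4])
{
    memcpy(f->regs, regs, sizeof f->regs);
    f->cookie = sig_cookie(t, f);
}

/* sigreturn: extract, clear, then verify. Returns 1 if the frame is
 * accepted, 0 if it must be rejected (the kernel would kill the task).
 * Clearing before the check means a verified frame cannot be replayed. */
static int do_sigreturn(const struct task *t, struct sigframe *f)
{
    uint64_t got = f->cookie;
    f->cookie = 0;
    return got == sig_cookie(t, f);
}

/* Returns 1 when every expected outcome holds: a delivered frame verifies
 * once, a replay of it fails, a byte copy at another address fails, and a
 * frame the task assembled itself (never delivered) fails. */
static int demo(void)
{
    struct task t = { .sig_cookie_secret = 0x9e3779b97f4a7c15ULL }; /* constructed */
    uint64_t regs[4] = { 1, 2, 3, 4 };
    struct sigframe real, copy, forged;
    deliver_signal(&t, &real, regs);
    copy = real;                        /* identical bytes, other address */
    memset(&forged, 0, sizeof forged);  /* cookie unknown to the forger */
    int first = do_sigreturn(&t, &real);
    int replay = do_sigreturn(&t, &real);
    int copied = do_sigreturn(&t, &copy);
    int fake = do_sigreturn(&t, &forged);
    return first == 1 && replay == 0 && copied == 0 && fake == 0;
}
```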