This guide introduces some common forms of attacks that are used against complex software stacks. The guide also examines the features, including pointer authentication, branch target identification and memory tagging, that are provided in Armv8-A to help mitigate against such attacks. The guide is an overview of these features, and not a technical deep dive. You can use the Related information section to explore some topics in this guide in more detail.

At the end of this guide, you will be able to:

  • Define the terms Return-Oriented Programming (ROP) and Jump-Oriented Programming (JOP).
  • List the features in Armv8-A that help protect against ROP and JOP attacks.
  • Describe how memory tagging can be used to detect memory safety violations, like buffer overruns or use-after-free.
Before you begin

We assume that you are familiar with the Arm memory model. If you are not, you might want to first read our Memory model and Memory management guides.

If you are not familiar with security, we also recommend that you read our Introduction to security guide before reading this guide.