A good paper came out a few years ago that defeats ROP by adding protections to ensure that returns/calls/jumps are only taken if the function was entered at its entry point, and rearranging register allocation if the compiler creates unaligned instructions that can be used to ret/jmp. They say the performance penalty isn't huge, but I guess it must be enough if people aren't implementing it.<p>[1] G-Free: Defeating Return-Oriented Programming
through Gadget-less Binaries (<a href="http://iseclab.org/papers/gfree.pdf" rel="nofollow">http://iseclab.org/papers/gfree.pdf</a>)
"kernel symbols hiding" ... I always find that to be funny. Once your code is in kernel space, searching for kernel symbols by name is easy. Proof is in the program I wrote called virt-dmesg which uses heuristics to search for the main symbol table, and also for kallsyms if available<p><a href="http://people.redhat.com/~rjones/virt-dmesg/" rel="nofollow">http://people.redhat.com/~rjones/virt-dmesg/</a>