[PATCH] Adding diversity for security

Tom Roeder tmroeder at google.com
Wed Oct 2 10:02:14 PDT 2013 

OpenSSL provides a facility for getting cryptographically strong
pseudorandom numbers: see <openssl/rand.h>. You can call
RAND_bytes(unsigned char *buf, int num) to get a given number of
random bytes. It also supports seeding and state files; see
http://www.openssl.org/docs/crypto/rand.html for the full API. From a
cursory look at the patch, it seems like the RandomNumberGenerator
calls could be passed through mostly directly to OpenSSL if libcrypto
is available.

Maybe I'm missing something: do you have requirements that aren't met
by the existing OpenSSL rand functionality?

Tom

On Wed, Oct 2, 2013 at 6:34 AM, Alex Rosenberg <alexr at leftfield.org> wrote:
> I'm not a crypto geek but... I think the choices of seeds need to be explained in the comments.
>
> For example, the result of malloced memory is likely to be just zeros on some platforms and the addresses of command line argument pointers is likely to be constant between runs.
>
> Alex
>
>> On Oct 1, 2013, at 3:13 PM, Stephen Crane <sjcrane at uci.edu> wrote:
>>
>> Adds the capability to randomly insert NOPs, permuting the code layout, as well as the option to randomize scheduling decisions. Includes an OpenSSL-linked RNG to provide secure random number generation.
>>
>> http://llvm-reviews.chandlerc.com/D1802
>>
>> Files:
>>  CMakeLists.txt
>>  Makefile.config.in
>>  autoconf/configure.ac
>>  cmake/config-ix.cmake
>>  cmake/modules/LLVM-Config.cmake
>>  configure
>>  include/llvm/CodeGen/CommandFlags.h
>>  include/llvm/CodeGen/MachineInstr.h
>>  include/llvm/Config/config.h.cmake
>>  include/llvm/Config/config.h.in
>>  include/llvm/MC/MCRegisterInfo.h
>>  include/llvm/Support/RandomNumberGenerator.h
>>  include/llvm/Target/TargetOptions.h
>>  lib/CodeGen/LLVMBuild.txt
>>  lib/CodeGen/MachineBasicBlock.cpp
>>  lib/CodeGen/SelectionDAG/ScheduleDAGRRList.cpp
>>  lib/LTO/LTOCodeGenerator.cpp
>>  lib/LTO/LTOModule.cpp
>>  lib/Support/CMakeLists.txt
>>  lib/Support/RandomNumberGenerator.cpp
>>  lib/Target/X86/CMakeLists.txt
>>  lib/Target/X86/NOPInsertion.cpp
>>  lib/Target/X86/X86.h
>>  lib/Target/X86/X86TargetMachine.cpp
>>  test/CodeGen/X86/nop-insert-percentage.ll
>>  test/CodeGen/X86/nop-insert.ll
>>  test/CodeGen/X86/sched-rnd-test.ll
>>  test/Makefile
>>  test/lit.cfg
>>  test/lit.site.cfg.in
>>  tools/llc/llc.cpp
>>  tools/opt/opt.cpp
>> <D1802.1.patch>
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits

More information about the llvm-commits mailing list