[PATCH] Insert random noops to increase security against ROP attacks (llvm)
Mehdi AMINI
mehdi.amini at apple.com
Mon Jan 5 21:53:40 PST 2015
Hi Stephen,
I think my comment was lost in the rather long discussion about the merit of this technique, so I ask again:
Independently of the randomization aspect, I think that the compiler should be able to deterministically get rid of the situation shown Figure 2 in https://www.ics.uci.edu/~ahomescu/multicompiler_cgo13.pdf ; i.e. when a gadget is formed by jumping in the middle of an instruction encoding. The compiler could break it by inserting a nop in these case. Now I’m not sure if it is easy to identify these cases from the assembly code or if it has to be done on the binary code itself?
—
Mehdi
http://reviews.llvm.org/D3392
EMAIL PREFERENCES
http://reviews.llvm.org/settings/panel/emailpreferences/
More information about the llvm-commits
mailing list