[LLVMdev] JIT and security
Evan Cheng
evan.cheng at apple.com
Sun Nov 1 14:33:48 PST 2009
Check out professor Saman Amarasinghe's work. It was being
commercialized by a company called Determina (which has since been
acquired by VMWare).
Evan
On Oct 18, 2009, at 1:46 PM, Oleg Knut wrote:
> Hello,
>
> I'm writing JIT compiler that will run a third party code. My goal is
> to build it with security layer that will allow me to prevent some
> basic operation that possibly can harm JIT application host computer.
>
> Maybe some of you can guide me on how to do following operations:
> 1) prevent system calls
> 2) memory allocation management (set some limits that can't be used
> by JIT)
> 3) CPU power limiting
>
> I have a guess on how to prevent system calls or some known function
> calls by parsing IR and picking up functions calls that maybe
> unwanted. Another way is to check list of functions in object model.
> Maybe there is already implemented mechanism like that. So, anyone
> could give me a clue.
>
> About RAM and CPU management I have no idea how to do that.
>
> Ideally my JIT compiler have to become a BlackBox, that hosting party
> can configure to his needs.
>
> I hope I can find some help here. That would be great!
>
> Thank you for your time,
> Oleg.
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20091101/bd131c26/attachment.html>
More information about the llvm-dev
mailing list