[llvm-dev] Random nop insertion pass
Stephen Checkoway via llvm-dev
llvm-dev at lists.llvm.org
Thu Nov 21 16:00:48 PST 2019
> On Nov 21, 2019, at 14:23, Robinson, Paul via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> Some years ago there was a random-nop-insertion pass (for ROP gadget removal) proposed, which didn't stick; we recently had a summer intern work on it but did not get to proper quality; I'd like to revive that.
Hi Paul,
I'm curious about what the use case for this was. In the normal course of binary distribution of programs, the addition of nops doesn't affect ROP in any significant way. (For a while, inserting a nop before a ret broke ROPgadget's [1] ability to find interesting code sequences since it was looking for fixed sequences of instructions.)
I could imagine it being used for JITted code. If that was the use case in mind, did you happen to compare it to other randomized codegen?
I'm only curious because this has historically been an area of research of mine [2,3,4], not any sort of pressing matter.
Thank you,
Steve
1. https://github.com/JonathanSalwan/ROPgadget
2. https://checkoway.net/papers/evt2009/evt2009.pdf
3. https://checkoway.net/papers/noret_ccs2010/noret_ccs2010.pdf
4. https://checkoway.net/papers/fcfi2014/fcfi2014.pdf
--
Stephen Checkoway
More information about the llvm-dev
mailing list