[PATCH] Adding diversity for security

Alp Toker alp at nuanti.com
Wed Jan 22 15:50:58 PST 2014 

Stephen,

I've looked a bit closer at the clang patch.

I don't understand why this is global:

   llvm::RandomNumberGenerator::SetSalt(SaltString);

LLVM and clang have a strict library design so this would be unreliable 
for anything other than the simplest single-threaded sequential use modes.

We're getting close to fixing the last remaining statics so it doesn't 
seem right to introduce a new one.

Alp.



On 22/01/2014 23:39, Alp Toker wrote:
> On 22/01/2014 23:17, Stephen Crane wrote:
>> Here's the patch for LLVM: http://llvm-reviews.chandlerc.com/D1802 We 
>> ended up basing the RNG on the already integrated implementation of 
>> MD5, to avoid any external dependencies. We are really just waiting 
>> on review of the LLVM patch now that Julian has modified a few things 
>> to take care of a performance concern.
>
> That sounds good.
>
> David Majnemer has already done preliminary review of the clang patch 
> and it looks sane to me.
>
> It will additionally need user documentation explaining the purpose of 
> the feature and noting that stability is not guaranteed between 
> different revisions of the compiler, even with the same seed.
>
> It's my opinion that un-seeded / non-deterministic compilation 
> shouldn't be supported at all. If that isn't the case already would it 
> be reasonable change for you to accommodate?
>
> Apart from that, just blocked on the LLVM changes.
>
> Alp.
>
>
>
>>
>> - stephen
>>
>>
>> On Wed, Jan 22, 2014 at 3:00 PM, Alp Toker <alp at nuanti.com 
>> <mailto:alp at nuanti.com>> wrote:
>>
>>     The clang side looks fine, but there's very little context as to
>>     what's going on here so not possible to review it just like that.
>>
>>     The patch rebases to clang ToT fine but doesn't build due to
>>     missing RNG facilities in LLVM -- could you give a refresher of
>>     the status of that with a link? It's been long enough that not
>>     everyone remembers the discussion.
>>
>>     The last I remember of the discussion was that linking to OpenSSL
>>     can be painful, and it doesn't feel right as a dependency. What
>>     are the other options for pseudo RNG and could we have a simpler
>>     scheme?
>>
>>     That'll help get things moving.
>>
>>     Alp.
>>
>>
>>
>>     On 22/01/2014 21:48, Julian Lettner wrote:
>>
>>            Is there anything stopping this from going forward?
>>
>>         http://llvm-reviews.chandlerc.com/D1803
>>         _______________________________________________
>>         cfe-commits mailing list
>>         cfe-commits at cs.uiuc.edu <mailto:cfe-commits at cs.uiuc.edu>
>>         http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>>
>>
>>     --     http://www.nuanti.com
>>     the browser experts
>>
>>
>

-- 
http://www.nuanti.com
the browser experts

More information about the cfe-commits mailing list