[PATCH] Adding diversity for security

Stephen Crane sjcrane at uci.edu
Fri Oct 11 10:34:38 PDT 2013 

  Rewrote the RNG somewhat to comply with CTR_DRBG. Generation now complies with the spec, although without reseeding. Since we need predictability and only have a single entropy source (command line flag), we cannot reseed with additional entropy.
  Also added TargetOption updates in a few places where it got forgotton and fixed a bool cast.

http://llvm-reviews.chandlerc.com/D1802

CHANGE SINCE LAST DIFF
  http://llvm-reviews.chandlerc.com/D1802?vs=4727&id=4848#toc

Files:
  lib/LTO/LTOCodeGenerator.cpp
  lib/Support/RandomNumberGenerator.cpp
  lib/Target/X86/NOPInsertion.cpp
  tools/llvm-lto/llvm-lto.cpp

Index: lib/LTO/LTOCodeGenerator.cpp
===================================================================
--- lib/LTO/LTOCodeGenerator.cpp
+++ lib/LTO/LTOCodeGenerator.cpp
@@ -134,6 +134,7 @@
   Options.PositionIndependentExecutable = options.PositionIndependentExecutable;
   Options.EnableSegmentedStacks = options.EnableSegmentedStacks;
   Options.UseInitArray = options.UseInitArray;
+  Options.NOPInsertion = options.NOPInsertion;
 }
 
 void LTOCodeGenerator::setDebugInfo(lto_debug_model debug) {
Index: lib/Support/RandomNumberGenerator.cpp
===================================================================
--- lib/Support/RandomNumberGenerator.cpp
+++ lib/Support/RandomNumberGenerator.cpp
@@ -132,7 +132,7 @@
 
     memset(Key, 0, AES_KEY_LENGTH);
     memset(V, 0, AES_BLOCK_SIZE);
-    AES_set_encrypt_key((unsigned char *)&Key, AES_KEY_LENGTH * 8, &AESKey);
+    AES_set_encrypt_key(Key, AES_KEY_LENGTH * 8, &AESKey);
     CTR_DRBG_Update(SeedMaterial);
   }
 
Index: lib/Target/X86/NOPInsertion.cpp
===================================================================
--- lib/Target/X86/NOPInsertion.cpp
+++ lib/Target/X86/NOPInsertion.cpp
@@ -100,7 +100,7 @@
         int NOPCode = RandomNumberGenerator::Generator()->Random(MAX_NOPS);
 
         MachineInstr *NewMI = NULL;
-        unsigned reg = nopRegs[NOPCode][!!is64Bit];
+        unsigned reg = nopRegs[NOPCode][is64Bit];
         switch (NOPCode) {
         case NOP:
           NewMI = BuildMI(*BB, I, I->getDebugLoc(), TII->get(X86::NOOP));
Index: tools/llvm-lto/llvm-lto.cpp
===================================================================
--- tools/llvm-lto/llvm-lto.cpp
+++ tools/llvm-lto/llvm-lto.cpp
@@ -80,6 +80,7 @@
   Options.PositionIndependentExecutable = EnablePIE;
   Options.EnableSegmentedStacks = SegmentedStacks;
   Options.UseInitArray = UseInitArray;
+  Options.NOPInsertion = NOPInsertion;
 
   unsigned BaseArg = 0;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D1802.4.patch
Type: text/x-patch
Size: 1914 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20131011/4d25387e/attachment.bin>

More information about the llvm-commits mailing list