[PATCH] Insert random noops to increase security against ROP attacks (llvm)

JF Bastien jfb at chromium.org
Mon Jan 5 19:17:52 PST 2015 

I also recommend:

http://matasano.com/research/Attacking_Clientside_JIT_Compilers_Paper.pdf


On Mon, Jan 5, 2015 at 4:32 PM, Stephen Crane <sjcrane at uci.edu> wrote:

> Hi Mehdi,
>
> I looked around for a good (not-paywalled) intro, and I think
> "Profile-guided Automated Software Diversity" from CGO'13 has a good
> background on inserting noops to randomize the code layout:
> https://www.ics.uci.edu/~ahomescu/multicompiler_cgo13.pdf
>
> A better reference is
> http://link.springer.com/chapter/10.1007%2F978-1-4614-5416-8_8 if you
> have access to the Springer library.
>
> In a nutshell, the idea is to create functionally equivalent copies of
> the software with different code layouts to prevent attackers from
> knowing where the code they want to reuse is located.
>
> - stephen
>
>
> On Mon, Jan 5, 2015 at 3:57 PM, Mehdi Amini <mehdi.amini at apple.com> wrote:
> > Hi,
> >
> > I don’t have much background on this topic, but I’m interested to
> understand how inserting a random number of noops help addressing ROP
> attacks. Do you have a link that explains this “counter-measure”?
> >
> > Thanks,
> >
> > Mehdi
> >
> >> On Jan 5, 2015, at 2:59 PM, Stephen Crane <sjcrane at uci.edu> wrote:
> >>
> >> - Revert loop termination back to include insertion slot before
> terminators.
> >> - Fix spelling
> >> - Update tests to reflect new default insertion percentage.
> >> - Formatting fixes
> >>
> >>
> >> http://reviews.llvm.org/D3392
> >>
> >> Files:
> >>  include/llvm/CodeGen/CommandFlags.h
> >>  include/llvm/CodeGen/NoopInsertion.h
> >>  include/llvm/CodeGen/Passes.h
> >>  include/llvm/InitializePasses.h
> >>  include/llvm/Support/RandomNumberGenerator.h
> >>  include/llvm/Target/TargetInstrInfo.h
> >>  include/llvm/Target/TargetOptions.h
> >>  lib/CodeGen/CMakeLists.txt
> >>  lib/CodeGen/CodeGen.cpp
> >>  lib/CodeGen/NoopInsertion.cpp
> >>  lib/CodeGen/Passes.cpp
> >>  lib/Target/X86/X86InstrInfo.cpp
> >>  lib/Target/X86/X86InstrInfo.h
> >>  test/CodeGen/Mips/noop-insert.ll
> >>  test/CodeGen/PowerPC/noop-insert.ll
> >>  test/CodeGen/X86/noop-insert-percentage.ll
> >>  test/CodeGen/X86/noop-insert.ll
> >>
> >> EMAIL PREFERENCES
> >>  http://reviews.llvm.org/settings/panel/emailpreferences/
> >> <D3392.17815.patch>_______________________________________________
> >> llvm-commits mailing list
> >> llvm-commits at cs.uiuc.edu
> >> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150105/d2c0616a/attachment.html>

More information about the llvm-commits mailing list