[Diffusion] rL225908: Insert random noops to increase security against ROP attacks (llvm)

Stephen Crane sjcrane at uci.edu
Tue Jan 13 21:24:22 PST 2015


Sounds good.

The test failures on Linux are due to implementation differences in
std::uniform_random_distribution across C++ libs. The mt19937_64 RNG
is guaranteed to be stable across platforms, but the distributions
aren't. My mistake, in rushing to fix the slight bias of simply using
the mod operator, I forgot to check this. I'll code up an unbiased,
portable distribution to convert to [0,100) range tomorrow.

- stephen

On Tue, Jan 13, 2015 at 9:19 PM, JF Bastien <jfb at chromium.org> wrote:
> Let me revert for now, and we can figure out a fix tomorrow.
>
> On Tue, Jan 13, 2015 at 8:13 PM, Stephen Crane <sjcrane at uci.edu> wrote:
>>
>> Adding llvm-commits. Sorry, didn't realize it wasn't on here.
>>
>> On Tue, Jan 13, 2015 at 7:43 PM, Stephen Crane <sjcrane at uci.edu> wrote:
>> > Here's a patch that should fix the RNG distribution initialization
>> > compilation failure on Windows. Relevant buildbot failure:
>> > http://lab.llvm.org:8011/builders/lld-x86_64-win7/builds/16201
>> >
>> > I'm not even sure if this static initializer is allowed in LLVM's
>> > codebase. If not, we can just initialize a Distribution for each
>> > runOnMachineFunction or allocate a Distribution in the constructor.
>> >
>> > There are also test failures on Linux. I'll figure out why in a bit
>> > when I've finished recompiling on a linux machine. Relevant BB
>> > failures:
>> > http://lab.llvm.org:8011/builders/llvm-s390x-linux1/builds/12598
>> > http://lab.llvm.org:8011/builders/llvm-aarch64-linux/builds/6051
>> > http://bb.pgr.jp/builders/cmake-llvm-x86_64-linux/builds/20016
>> > http://lab.llvm.org:8011/builders/clang-x86_64-debian-fast/builds/22286
>> >
>> > - stephen
>> >
>> > On Tue, Jan 13, 2015 at 5:18 PM, JF Bastien <jfb at chromium.org> wrote:
>> >> Insert random noops to increase security against ROP attacks (llvm)
>> >>
>> >> A pass that adds random noops to X86 binaries to introduce diversity
>> >> with the goal of increasing security against most return-oriented
>> >> programming attacks.
>> >>
>> >> Command line options:
>> >>
>> >>   -noop-insertion // Enable noop insertion.
>> >>   -noop-insertion-percentage=X // X% of assembly instructions will have
>> >> a noop prepended (default: 50%, requires -noop-insertion)
>> >>   -max-noops-per-instruction=X // Randomly generate X noops per
>> >> instruction. i.e. roll the dice X times with probability set above (default:
>> >> 1). This doesn't guarantee X noop instructions.
>> >>
>> >> In addition, the following 'quick switch' in clang enables basic
>> >> diversity using default settings (currently: noop insertion and schedule
>> >> randomization; it is intended to be extended in the future).
>> >>
>> >>   -fdiversify
>> >>
>> >> This is the llvm part of the patch.
>> >> clang part: http://reviews.llvm.org/D3393
>> >>
>> >> http://reviews.llvm.org/D3392
>> >> Patch by Stephen Crane (@rinon)
>> >>
>> >>
>> >> AFFECTED FILES
>> >>   /llvm/trunk/include/llvm/CodeGen/CommandFlags.h
>> >>   /llvm/trunk/include/llvm/CodeGen/NoopInsertion.h
>> >>   /llvm/trunk/include/llvm/CodeGen/Passes.h
>> >>   /llvm/trunk/include/llvm/InitializePasses.h
>> >>   /llvm/trunk/include/llvm/Support/RandomNumberGenerator.h
>> >>   /llvm/trunk/include/llvm/Target/TargetInstrInfo.h
>> >>   /llvm/trunk/include/llvm/Target/TargetOptions.h
>> >>   /llvm/trunk/lib/CodeGen/CMakeLists.txt
>> >>   /llvm/trunk/lib/CodeGen/CodeGen.cpp
>> >>   /llvm/trunk/lib/CodeGen/NoopInsertion.cpp
>> >>   /llvm/trunk/lib/CodeGen/Passes.cpp
>> >>   /llvm/trunk/lib/Target/X86/X86InstrInfo.cpp
>> >>   /llvm/trunk/lib/Target/X86/X86InstrInfo.h
>> >>   /llvm/trunk/test/CodeGen/Mips/noop-insert.ll
>> >>   /llvm/trunk/test/CodeGen/PowerPC/noop-insert.ll
>> >>   /llvm/trunk/test/CodeGen/X86/noop-insert-percentage.ll
>> >>   /llvm/trunk/test/CodeGen/X86/noop-insert.ll
>> >>
>> >> USERS
>> >>   jfb (Author)
>> >>   dsanders (Auditor)
>> >>
>> >> http://reviews.llvm.org/rL225908
>
>
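
The unbiased, portable conversion to the [0,100) range discussed in the top message can be done with rejection sampling over the raw mt19937_64 output. This is an added example, not code from the patch or from its later fix; the function names `rejectionThreshold`, `uniformBelow`, `shouldInsertNoop` and `countNoops` are hypothetical, and the seeds are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <random>

// Added example; all function names here are hypothetical, not LLVM's.

// 2^64 mod bound, computed in 64 bits as (2^64 - bound) mod bound.
// Raw values below this threshold would make r % bound favour small results.
uint64_t rejectionThreshold(uint64_t bound) {
  return (~bound + 1) % bound; // bound must be non-zero
}

// Uniform integer in [0, bound) using only the engine's raw output, which the
// standard fixes bit-for-bit, and no std:: distribution, whose algorithm is
// left to each library.
uint64_t uniformBelow(std::mt19937_64 &gen, uint64_t bound) {
  const uint64_t threshold = rejectionThreshold(bound);
  for (;;) {
    uint64_t r = gen();
    // [threshold, 2^64) holds an exact multiple of bound values, so every
    // residue is equally likely once the low values are rejected.
    if (r >= threshold)
      return r % bound;
  }
}

// One "roll" as described for -noop-insertion-percentage: true with
// probability percentage/100.
bool shouldInsertNoop(std::mt19937_64 &gen, unsigned percentage) {
  return uniformBelow(gen, 100) < percentage;
}

// Count insertions over a number of rolls for a given seed (constructed input).
unsigned countNoops(uint64_t seed, unsigned percentage, unsigned rolls) {
  std::mt19937_64 gen(seed);
  unsigned count = 0;
  for (unsigned i = 0; i < rolls; ++i)
    count += shouldInsertNoop(gen, percentage) ? 1 : 0;
  return count;
}

int main() {
  std::printf("%u of 1000 rolls insert a noop at 50%%\n",
              countNoops(42, 50, 1000));
  return 0;
}
```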


