search for: homescu

Hi everyone, I would like to share a paper my co-authors and I published at CGO 2013, where we used profiling support in LLVM for efficient code layout randomization: Andrei Homescu, Steven Neisius, Per Larsen, Stefan Brunthaler, Michael Franz. Profile-guided Automated Software Diversity. In Proceedings of the 2013 International Symposium on Code Generation and Optimization, CGO '13, Shenzhen, China, February 2013. Link: http://www.ics.uci.edu/~ahomescu/multicompiler_cgo13...

...ment with both caller- and callee-saved registers to determine which is most efficient. [1] M. Backes and S. Nürnberger. Oxymoron - making fine-grained memory randomization practical by allowing code sharing. In USENIX Security Symposium, 2014. https://www.usenix.org/node/184466 [2] S. Crane, A. Homescu, and P. Larsen. Code randomization: Haven’t we solved this problem yet? In IEEE Cybersecurity Development Conference (SecDev), 2016. http://www.ics.uci.edu/~perl/sd16_pagerando.pdf

...> feedback on our proposed changes before submitting patches for > detailed consideration. Please make sure that the LLVM nightly test suite passes with randomization enabled. > > Thanks, > Stephen Crane > Secure Systems and Software Lab > UC Irvine > > > [1] A. Homescu, S. Neisius, P. Larsen, S. Brunthaler, and M. Franz; > “Profile-guided Automated Software Diversity,” in 2013 International > Symposium on Code Generation and Optimization (CGO 2013), Shenzhen, > China; February 2013. > > _______________________________________________ > LLVM Dev...

...is >> most efficient. >> >> >> [1] M. Backes and S. Nürnberger. Oxymoron - making fine-grained memory >> randomization practical by allowing code sharing. In USENIX Security >> Symposium, 2014. https://www.usenix.org/node/184466 >> >> [2] S. Crane, A. Homescu, and P. Larsen. Code randomization: Haven’t >> we solved this problem yet? In IEEE Cybersecurity Development >> Conference (SecDev), 2016. >> http://www.ics.uci.edu/~perl/sd16_pagerando.pdf >> _______________________________________________ >> LLVM Developers mailing l...

That breaks the whole IR idea of using alloca to allocate/denote space for local variables, and then optimize those into SSA values when optimization proves that is OK. Also, for a lot of things, that attribute is simply impossible to implement. Any value that is live across a call needs to be spilled to memory. You cannot put an unspillable value in a callee preserved register, because you

...> >>> [1] M. Backes and S. Nürnberger. Oxymoron - making fine-grained memory > >>> randomization practical by allowing code sharing. In USENIX Security > >>> Symposium, 2014. https://www.usenix.org/node/184466 > >>> > >>> [2] S. Crane, A. Homescu, and P. Larsen. Code randomization: Haven’t > >>> we solved this problem yet? In IEEE Cybersecurity Development > >>> Conference (SecDev), 2016. > >>> http://www.ics.uci.edu/~perl/sd16_pagerando.pdf > >>> ______________________________________________...

...ications. We are in the process of writing test cases and double checking formatting to produce a useful patch, but would like to solicit feedback on our proposed changes before submitting patches for detailed consideration. Thanks, Stephen Crane Secure Systems and Software Lab UC Irvine [1] A. Homescu, S. Neisius, P. Larsen, S. Brunthaler, and M. Franz; “Profile-guided Automated Software Diversity,” in 2013 International Symposium on Code Generation and Optimization (CGO 2013), Shenzhen, China; February 2013.

...on - making fine-grained >>> >>> memory >>> >>> randomization practical by allowing code sharing. In USENIX Security >>> >>> Symposium, 2014. https://www.usenix.org/node/184466 >>> >>> >>> >>> [2] S. Crane, A. Homescu, and P. Larsen. Code randomization: Haven’t >>> >>> we solved this problem yet? In IEEE Cybersecurity Development >>> >>> Conference (SecDev), 2016. >>> >>> http://www.ics.uci.edu/~perl/sd16_pagerando.pdf >>> >>> ______________...