Displaying 20 results from an estimated 106 matches for "rop".
Did you mean:
op
2020 Aug 12
4
[RFC] Zeroing Caller Saved Regs
...d.Chisnall at cl.cam.ac.uk> wrote:
> >> I think it would be useful for the discussion to have a clear threat model that this intends to defend against and a rough analysis of the security benefits that this is believed to bring.
> >
> > I view this as being even more about a ROP defense. Dealing with spill
> > slots is, IMO, a separate issue, more related to the auto-var-init
> > work (though that would be stack erasure on function exit, rather than
> > entry, which addresses a different set of issues). I think this thread
> > from the GCC list has...
2012 Nov 06
1
[PATCH] drm/nv50: decode PGRAPH status registers on TLB flush fail
Now it outputs:
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH TLB flush idle timeout fail
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_STATUS: BUSY DISPATCH VFETCH CCACHE_UNK4 STRMOUT_GSCHED_UNK5 UNK14XX UNK1CXX CLIPID ZCULL ENG2D UNK34XX TPRAST TPROP ROP (0x011fde03)
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_VSTATUS: CCACHE (0x00145b4d) (0x0000002d) ENG2D ROP (0x0034db40)
instead of:
[drm] nouveau 0000:02:00.0: PGRAPH TLB flush idle timeout fail: 0x011fde03 0x00145b4d 0x0000002d 0x0034db40
Based on envytools docs.
Signed-off-by: Marcin Slusar...
2013 Aug 28
0
[LLVMdev] Adding diversity for security (and testing)
...ings LLVM Devs!
>
> I am a PhD student in the Secure Systems and Software Lab at UC
> Irvine. We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout. ROP has
> been used is several high-profile recent attacks, and has also been
> used as a jailbreaking avenue. We believe our transformations would
> provide a significant security benefit for LLVM users who choose to
&...
2020 Aug 07
2
[RFC] Zeroing Caller Saved Regs
...8 AM David Chisnall
<David.Chisnall at cl.cam.ac.uk> wrote:
> I think it would be useful for the discussion to have a clear threat model that this intends to defend against and a rough analysis of the security benefits that this is believed to bring.
I view this as being even more about a ROP defense. Dealing with spill
slots is, IMO, a separate issue, more related to the auto-var-init
work (though that would be stack erasure on function exit, rather than
entry, which addresses a different set of issues). I think this thread
from the GCC list has some good details on the ROP defense:
h...
2013 Aug 26
10
[LLVMdev] Adding diversity for security (and testing)
Greetings LLVM Devs!
I am a PhD student in the Secure Systems and Software Lab at UC
Irvine. We have been working on adding randomness into code generation
to create a diverse population of binaries. This diversity prevents
code-reuse attacks such as return-oriented-programming (ROP) by
denying the attacker information about the exact code layout. ROP has
been used is several high-profile recent attacks, and has also been
used as a jailbreaking avenue. We believe our transformations would
provide a significant security benefit for LLVM users who choose to
use diversity. For mo...
2013 Aug 29
2
[LLVMdev] Adding diversity for security (and testing)
...>
> I am a PhD student in the Secure Systems and Software Lab at UC
> Irvine. We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout. ROP has
> been used is several high-profile recent attacks, and has also been
> used as a jailbreaking avenue. We believe our transformations would
> provide a significant security benefit for LLVM users...
2014 Aug 20
6
[Bug 82843] New: [NV96][Regression][Bisected] Failure to resume
https://bugs.freedesktop.org/show_bug.cgi?id=82843
Priority: medium
Bug ID: 82843
Assignee: nouveau at lists.freedesktop.org
Summary: [NV96][Regression][Bisected] Failure to resume
QA Contact: xorg-team at lists.x.org
Severity: normal
Classification: Unclassified
OS: Linux (All)
Reporter: trevor.davenport
2012 Aug 19
1
[PATCH 01/10] drm/nv50: decode PGRAPH status registers on TLB flush fail
Now it outputs:
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH TLB flush idle timeout fail
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_STATUS: BUSY DISPATCH VFETCH CCACHE_UNK4 STRMOUT_GSCHED_UNK5 UNK14XX UNK1CXX CLIPID ZCULL ENG2D UNK34XX TPRAST TPROP ROP (0x011fde03)
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_VSTATUS_0: CCACHE (0x00145b4d)
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_VSTATUS_1: (0x0000002d)
nouveau E[ PGRAPH][0000:02:00.0] PGRAPH_VSTATUS_2: ENG2D ROP (0x0034db40)
instead of:
[drm] nouveau 0000:02:00.0: PGRAPH TLB flush idle timeout...
2013 Aug 27
0
[LLVMdev] Adding diversity for security (and testing)
On Aug 26, 2013, at 2:39 PM, Stephen Crane <sjcrane at uci.edu> wrote:
> We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout.
Putting on my security hat (as opposed to my lurking-on-compiler-mailing-lists hat), note that artificial software heterogeneity doesn't actually prevent ROP, it makes it harder in a qualitatively similar way to ASLR. With...
2006 Apr 23
4
Problem "wining" Ragnarok Online
Hi to all,
im a new linux/wine user and im having some problems to wine a ragnarok
client...
[hillo@Umbrella RO]$ wine roP.exe
err:module:LdrInitializeThunk "binkw32.dll" failed to initialize, aborting
err:module:LdrInitializeThunk Main exe initialization for L"H:\\RO\\roP.exe"
failed, status c0000142
[hillo@Umbrella RO]$
Im using a fake drive_c with all .dll in ~/system32 paste
thanks for any kind...
2019 Nov 22
2
Random nop insertion pass
> On Nov 21, 2019, at 14:23, Robinson, Paul via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> Some years ago there was a random-nop-insertion pass (for ROP gadget removal) proposed, which didn't stick; we recently had a summer intern work on it but did not get to proper quality; I'd like to revive that.
Hi Paul,
I'm curious about what the use case for this was. In the normal course of binary distribution of programs, the addition of nops...
2013 Aug 29
3
[LLVMdev] Adding diversity for security (and testing)
...se-cases which could benefit, especially in small
deployments. Additionally, the benefits may outweigh the increase in
deployment costs for larger deployments.
> 2. Does this actually fill a gap in our protections? How do we ever
> get into the situation where the user is able to deploy a ROP attack
> against us, without tripping asan or ubsan or something caught by our
> warnings or the static analyzer or any of the other protections
> offered by clang and llvm? It may suffice that there exists a niche
> which can't afford the performance penalty from asan or other...
2013 Sep 09
0
[LLVMdev] Adding diversity for security (and testing)
...benefit, especially in small deployments.
> Additionally, the benefits may outweigh the increase in deployment costs
> for larger deployments.
>
>
> 2. Does this actually fill a gap in our protections? How do we ever get
>> into the situation where the user is able to deploy a ROP attack against
>> us, without tripping asan or ubsan or something caught by our warnings or
>> the static analyzer or any of the other protections offered by clang and
>> llvm? It may suffice that there exists a niche which can't afford the
>> performance penalty from as...
2017 Mar 29
0
[PATCH 12/15] gr: support for GP10B
...nvkm-y += nvkm/engine/gr/ctxnv50.o
diff --git a/drm/nouveau/nvkm/engine/gr/gf100.h b/drm/nouveau/nvkm/engine/gr/gf100.h
index 1d2101af2a87..22e7c6f44e88 100644
--- a/drm/nouveau/nvkm/engine/gr/gf100.h
+++ b/drm/nouveau/nvkm/engine/gr/gf100.h
@@ -125,6 +125,7 @@ struct gf100_gr_func {
void (*init_rop_active_fbps)(struct gf100_gr *);
void (*init_ppc_exceptions)(struct gf100_gr *);
void (*init_swdx_pes_mask)(struct gf100_gr *);
+ void (*init_num_active_ltcs)(struct gf100_gr *);
void (*set_hww_esr_report_mask)(struct gf100_gr *);
const struct gf100_gr_pack *mmio;
struct {
@@ -301,4 +302,...
2010 Apr 11
1
[PATCH 2/2] drm/nv04: Implement missing nv04 PGRAPH methods in software.
....
+ * - bits 15-17: 2d operation [aka patch config]
+ * - bits 20-22: dither mode
+ * - bit 24: patch valid [enables rendering using this object]
+ * - bit 25: surface_dst/surface_color/surf2d/surf3d valid
+ * - bit 26: surface_src/surface_zeta valid
+ * - bit 27: pattern valid
+ * - bit 28: rop valid
+ * - bit 29: beta1 valid
+ * - bit 30: beta4 valid
+ * word 1:
+ * - bits 0-1: mono format
+ * - bits 8-13: color format
+ * - bits 16-31: DMA_NOTIFY instance
+ * word 2:
+ * - bits 0-15: DMA_A instance
+ * - bits 16-31: DMA_B instance
+ *
+ * NV05 will set/unset the relevant valid bi...
2015 Mar 08
2
[LLVMdev] Inspecting target-specific opcodes in machine function pass
...thank you very much for answering. I am trying to do the following: get the
encoding for each instruction and if that encoding contains a C3 byte,
insert a NOP instruction (or multiple NOP instructions, or any other
instructions) before that instruction. The idea behind this is to protect
against ROP (Return Oriented Programming) attacks. By inserting a NOP the
attacker can no longer abuse alignment to get a useful gadget. I thought a
machine function pass would be sufficient to accomplish this. However, now
I realize that this was probably a rather naive thought.
Can you think of any other ap...
2012 Sep 03
21
[Bug 54437] New: linux-nouveau2.6 (3.6.0-rc4) : GTX580 : Xorg freezes when using accel
https://bugs.freedesktop.org/show_bug.cgi?id=54437
Bug #: 54437
Summary: linux-nouveau2.6 (3.6.0-rc4) : GTX580 : Xorg freezes
when using accel
Classification: Unclassified
Product: xorg
Version: git
Platform: x86-64 (AMD64)
OS/Version: Linux (All)
Status: NEW
Severity: critical
2003 Jun 30
3
Connections, but no voice paths except by console
...to work reliably. Kphone will register and connect, but if I dial a
different softphone on the same machine and get routed to voice mail, I
hear the voice mail announcement but I am unable to leave a voice mail
messsage. The reason is explicit on the debug output (I nearly used the
phrase "ROP"!), which says that the voicemail SIP connection is dropped
because there's been no input.
If I reach the other softphone, I cannot transmit from one to the other.
Is the inability to transmit part of the continuing problems between
Asterisk and ALSA?
(2) If I dial from the console in...
2012 Nov 25
1
Reproducible "PGRAPH TLB flush timeout" hang on NV96
...also updated the kernel to latest because it has the improved parsing:
Nov 25 23:42:57 madman kernel: [ 169.014553] nouveau E[
PGRAPH][0000:01:00.0] PGRAPH_STATUS : 0x019ffe03 BUSY DISPATCH VFETCH
CCACHE_UNK4 STRMOUT_GSCHED_UNK5 UNK14XX UNK24XX_CSCHED UNK1CXX CLIPID
ZCULL ENG2D UNK34XX TPRAST TPROP MP ROP
Nov 25 23:42:57 madman kernel: [ 169.014564] nouveau E[
PGRAPH][0000:01:00.0] PGRAPH_VSTATUS0: 0x00145009 VFETCH CCACHE
Nov 25 23:42:57 madman kernel: [ 169.014569] nouveau E[
PGRAPH][0000:01:00.0] PGRAPH_VSTATUS1: 0x0000102d MP
Nov 25 23:42:57 madman kernel: [ 169.014573] nouveau E[
PGRA...
2014 Feb 05
0
[PATCH] drm/nv50/graph: update status enum names
...t; },
+ { 0x00002000, "RATTR_APLANE" },
+ { 0x00004000, "TRAST" },
{ 0x00008000, "CLIPID" },
{ 0x00010000, "ZCULL" },
{ 0x00020000, "ENG2D" },
- { 0x00040000, "UNK34XX" },
- { 0x00080000, "TPRAST" },
- { 0x00100000, "TPROP" },
- { 0x00200000, "TEX" },
- { 0x00400000, "TPVP" },
- { 0x00800000, "MP" },
+ { 0x00040000, "RMASK" },
+ { 0x00080000, "TPC_RAST" },
+ { 0x00100000, "TPC_PROP" },
+ { 0x00200000, "TPC_TEX" },
+ { 0x00400000, "TPC_GEO...