Displaying 20 results from an estimated 60 matches for "safestack".
2017 Feb 18
2
[RFC] Using Intel MPX to harden SafeStack
...> ...
>
> My understanding is that BNDCU is the cheapest possible instruction,
> just like XOR or ADD,
> so the overhead should be relatively small.
> Still my guesstimate would be >= 5% since stores are very numerous.
> And such overhead will be on top of whatever overhead SafeStack has.
> Do you have any measurements to share?
>
Here are estimated SPECint_base2006 component runtimes for some relevant
test configurations:
Runtime in seconds:
+--------------+---------+---------+---------+-------+
|Benchmark|Unpatched|Unpatched|Patched|MPX|
||Base|SafeStack|SafeStack|...
2014 Nov 15
3
[LLVMdev] [PATCH] Protection against stack-based memory corruption errors using SafeStack
Hi Kostya,
>On Wed, Nov 12, 2014 at 2:50 AM, Volodymyr Kuznetsov <vova.kuznetsov at epfl.ch
>> wrote:
>
>> Dear LLVM developers,
>>
>> We've applied the feedback we received on Phabricator on the SafeStack
>> patches,
>>
>
>Did you investigate the possibility of moving the transformation from
>codegen to the LLVM level, i.e. the same level where asan/msan/tsan/dfsan
>work?
>I understand that it's a lot of work, but it will pay off with greater
>portability and mainta...
2014 Nov 04
4
[LLVMdev] [PATCH] Protection against stack-based memory corruption errors using SafeStack
On 4 Nov 2014, at 00:36, Kostya Serebryany <kcc at google.com> wrote:
> You at least increase the memory footprint by doubling the stack sizes.
Not quite. The space overhead is constant for each stack frame - you just need to keep track of the top of two stacks, rather than one. The important overhead is that you reduce locality of reference. You will need a minimum of two cache
2014 Nov 03
8
[LLVMdev] [PATCH] Protection against stack-based memory corruption errors using SafeStack
...ied to parts of
a program selectively.
We attach our implementation of the safe stack as three patches
against current SVN HEAD of LLVM (r221153), clang (r221154) and compiler-rt
(r220991). The same changes are also available on
https://github.com/cpi-llvm <http://github.com/cpi-llvm> in the
safestack-r221153 branches of corresponding repositories. The patches make
the following changes:
-- Add the safestack function attribute, similar to the ssp, sspstrong and
sspreq attributes.
-- Add the SafeStack instrumentation pass that applies the safe stack to
all functions that have the safestack attri...
2017 Feb 01
2
SafeStack on ARM platform
Hi,
I would like to use SafeStack sanitize option on ARM platform. Since Linux libc does not implement such functionality (in opposite to FreeBSD or Android), I need to use SafeStack compiler RT library. Unfortunately I've noticed that libclang_rt.safestack is not compiled/built for ARM platform. Looking into cmake file:
"...
2016 May 31
0
[RFC] Using segmentation to harden SafeStack
Hi,
SafeStack currently relies on address randomization to protect the safe stack. If the location of a safe stack is somehow revealed and a corrupted pointer references it, then a safe stack can be corrupted. The creators of SafeStack envisioned the possibility of using X86 segmentation to further harden Safe...
2014 Nov 17
2
[LLVMdev] [PATCH] Protection against stack-based memory corruption errors using SafeStack
...t;
> On Sat, Nov 15, 2014 at 1:53 PM, Volodymyr Kuznetsov <
> vova.kuznetsov at epfl.ch> wrote:
> > Do you think moving the pass to lib/Transform/Instrumentation but
> > scheduling it during code generation would make sense ? If so, we'll
> > do that and change the safestack tests to use opt instead of llc.
>
> I tried to move the SafeStack to lib/Transform/Instrumentation, but I
> realized that the SafeStack pass depends on TargetMachine: it gets the
> stack alignment from TargetFrameLowering and the location of the unsafe
> stack pointer from TargetLow...
2015 Jun 23
2
[LLVMdev] SafeStack pass and TLS support
Hi all,
Shouldn't SafeStack pass be executed only if the target has TLS support?
E.g. currently for NVPTX there is no way to implement
`__safestack_unsafe_stack_ptr`.
Any comments?
Thanks,
Samuel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attac...
2017 Feb 08
4
[RFC] Using Intel MPX to harden SafeStack
Hi,
I previously posted about using 32-bit X86 segmentation to harden SafeStack: http://lists.llvm.org/pipermail/llvm-dev/2016-May/100346.html That involves lowering the limits of the DS and ES segments that are used for ordinary data accesses while leaving the limit for SS, the stack segment, set to its maximum value. The safe stacks were clustered above the limits of DS an...
2017 Jan 31
1
CFI, Safe-Stack, and -fno-sanitize-trap
...safe-stack. I am getting linker errors when combining -fsanitize=safe-stack, -fsanitize=cfi, and -fno-sanitize-trap=all. Combining safe-stack and CFI without -fno-sanitize-trap=all works as expected.
It looks like clang is attempting to link in two compiler-rt libraries, one for ubsan and one for safestack, and this causes multiply defined symbols.
Is this the expected behavior? Can only one sanitizer at a time have trapping disabled?
The command line to trigger is below.
---
$ clang++-3.9 -flto -fvisibility=default -fsanitize=safe-stack -fsanitize=cfi -fuse-ld=gold -fno-sanitize-trap=all hello.c...
2018 Dec 29
0
Advice for Porting SafeStack to New Pass Manager
On 12/28/18 10:09 PM, Leonard Chan via llvm-dev wrote:
> Hello,
>
> I'm in the process of creating a pass for the new PM for SafeStack
> which is only available as a part of the legacy PM. The only thing
> bugging me is in regards to the TargetPassConfig analysis. Whereas
> most other passes/analyses I have seen separate the logic between the
> actual pass and anything it does to the IRUnits it runs over are in 2
>...
2016 Mar 23
0
[Compiler-rt][SafeStack] Request to merge a patch to 3.8.1
Approved.
On Wed, Mar 23, 2016 at 5:11 AM, Mohit Bhakkad <mohit.bhakkad at gmail.com>
wrote:
> Hi Peter,
>
> Request you to approve the merger of this patch to 3.8.1 branch:
>
> http://reviews.llvm.org/rL262690
>
> Thanks,
> Mohit
>
--
--
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2018 Dec 28
2
Advice for Porting SafeStack to New Pass Manager
Hello,
I'm in the process of creating a pass for the new PM for SafeStack
which is only available as a part of the legacy PM. The only thing
bugging me is in regards to the TargetPassConfig analysis. Whereas
most other passes/analyses I have seen separate the logic between the
actual pass and anything it does to the IRUnits it runs over are in 2
separate classes, TargetP...
2020 Mar 16
2
Enable Safe Stack for Baremetal?
Hello,
I'm assessing the work required to enable Safe Stack for a bare metal target.
Looking at compiler-rt/lib/safestack/, the current implementation depends on thread support for mutex & storing unsafe stack pointer.
It also need several system calls: gettid, tgkill, mmap, munmap, mprotect.
Our target doesn't has all underlying support it needs. My question is: what's the minimum requirement to port Saf...
2017 Sep 07
2
RFC: Introduce DW_OP_LLVM_memory to describe variables in memory with dbg.value
...ost.
>>
>> ---
>>
>> I think part of the reason I wanted to move in the DW_OP_LLVM_memory
>> direction is that I originally wanted to add a memory offset operand to it.
>> Our actual use cases for complex DWARF expressions typically come from
>> things like safestack, ASan, and blocks. What these all have in common is
>> that they gather up a number of variables and move them off into a struct
>> in heap memory. This is very similar to what happens when we spill a
>> virtual register: instead of describing a register, we modify the
>> ex...
2018 Jul 09
3
Failing compiler-rt LTO test
Hi,
I'm trying to build clang/LLVM and am hitting a test failure in
compiler-rt/test/safestack/lto.c.
I believe the issue is that we've configured clang to use ld.bfd as the
linker. ld.bfd has plugin support as described here:
https://llvm.org/docs/GoldPlugin.html
compiler-rt/test/lit.common.cfg isn't set up to know about ld.bfd:
elif config.host_os == 'Linux' and is_lin...
2018 Feb 19
2
[6.0.0 Release] TIme to wrap it up
Dear everyone,
The release schedule has snuck up on me again, and it's time to wrap
up the release.
We won't make it to the final tag on the 21st as per the schedule, but
I would like to get all outstanding blockers fixed and rc3 tagged by
Friday. Hopefully this would be the last rc and we could go to final
soon after.
If you're involved in a release-blocking bug (see
2018 Feb 20
0
[lldb-dev] [6.0.0 Release] TIme to wrap it up
...also like to get the release notes ready this week. If you've
> been meaning to write something but didn't get around to it yet, now
> is the time.
>
Notes regarding the X86(_64) backend: Preliminary support for Sanitizers
and sibling features on NetBSD (ASan, UBsan, TSan, MSan, SafeStack,
libFuzzer).
Feel free to improve the wording.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 850 bytes
Desc: OpenPGP digital signature
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20180221/8...
2017 Sep 07
2
RFC: Introduce DW_OP_LLVM_memory to describe variables in memory with dbg.value
...gt;
>>>> I think part of the reason I wanted to move in the DW_OP_LLVM_memory
>>>> direction is that I originally wanted to add a memory offset operand to it.
>>>> Our actual use cases for complex DWARF expressions typically come from
>>>> things like safestack, ASan, and blocks. What these all have in common is
>>>> that they gather up a number of variables and move them off into a struct
>>>> in heap memory. This is very similar to what happens when we spill a
>>>> virtual register: instead of describing a register, w...
2018 Jun 24
2
MachineFunction Instructions Pass using Segment Registers
...e function pass dump:
%gs = SUB32ri %gs, 8, implicit-def %eflags
Objdump -d assembly from executable
400510: 81 ed 04 00 00 00 sub $0x8,%ebp
TLDR: I am trying to create custom assembly via BuildMI() and manipulate segment
registers via a MachineFunctionPass.
I have looked at LLVMs safestack implementation, but they are taking a
fairly complicated hybrid approach between an IR Function pass with
Backend support. I would like to stay as a single machinefunction
pass.
Believe me I would do this at the IR level if I didnt need to
specifically use the segment registers.
Thanks for the he...