Displaying 20 results from an estimated 10000 matches similar to: "[RFC] Pagerando: Page-granularity code randomization"
2017 Jun 11
2
[RFC] Pagerando: Page-granularity code randomization
On Sat, Jun 10, 2017 at 4:09 PM, Davide Italiano <davide at freebsd.org> wrote:
> On Tue, Jun 6, 2017 at 10:55 AM, Stephen Crane via llvm-dev
> <llvm-dev at lists.llvm.org> wrote:
>> This RFC describes pagerando, an improvement upon ASLR for shared
>> libraries. We're planning to submit this work for upstreaming and
>> would appreciate feedback before we get
2017 Jun 12
2
[RFC] Pagerando: Page-granularity code randomization
On Mon, Jun 12, 2017 at 1:03 PM, Stephen Crane <sjc at immunant.com> wrote:
> I don't have performance measurements for the new LTO version of
> pagerando yet. I'll definitely be thoroughly measuring performance
> once the current prototype is finished before moving forward, and will
> post results when I have them.
>
> I'm definitely curious about your work
2017 Jun 12
3
[RFC] Pagerando: Page-granularity code randomization
I could understand a TLB hit if functions that originally happened to
be on the same page were spread across many pages, raising the iTLB
footprint for a given loop, etc. (reduced spatial locality). For
pagerando, since we're splitting on 4k page boundaries and can keep
spatial locality (or attempt to improve it), I'm not sure that TLB
misses will be a large factor. I expect that the
2014 May 14
3
[CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Hey All,
[NOTE: crossposting between freebsd-current@, freebsd-security@, and
freebsd-stable@. Please forgive me if crossposting is frowned upon.]
Address Space Layout Randomization, or ASLR for short, is an exploit
mitigation technology. It helps secure applications against low-level
exploits. A popular secure implementation is known as PaX ASLR, which is
a third-party patch for Linux. Our
2014 May 14
3
[CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Hey All,
[NOTE: crossposting between freebsd-current@, freebsd-security@, and
freebsd-stable@. Please forgive me if crossposting is frowned upon.]
Address Space Layout Randomization, or ASLR for short, is an exploit
mitigation technology. It helps secure applications against low-level
exploits. A popular secure implementation is known as PaX ASLR, which is
a third-party patch for Linux. Our
2011 Dec 09
2
[LLVMdev] [PATCH] Add the disable_aslr option that will disable the address space layout randomization under AddressSanitizer on 10.6
+llvmdev
Question to MacOS gurus: is there a way to disable ASLR (address space
layout randomization) on Darwin at link time
instead of doing setenv("DYLD_NO_PIE", "1", 1); and reexec?
Thanks,
--kcc
On Fri, Dec 9, 2011 at 4:28 AM, Alexander Potapenko <glider at google.com> wrote:
> The attached patch introduces the disable_aslr option (off by default)
> and the
2008 Dec 12
1
Information about ASLR (Address Space Layout Randomization) in CentOS 5
Hi,
We are porting some applications from CentOS 4 to CentOS 5, the
applications use mmap, and we found out that they sometimes crash in
CentOS 5. We found out that this is due to the fact that CentOS 5 does
randomization of the address space when loading binaries, libraries,
and when using mmap, so that is what's causing our problem.
The thing is, I'm trying to google for it, but I did
2015 Nov 02
2
Unstable UBSan tests on AArch64
Hi Adhemerval,
Some UBSan tests are timing out randomly.
http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full
ex:
http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full/builds/902
http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full/builds/894
http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full/builds/906
2013 Aug 26
10
[LLVMdev] Adding diversity for security (and testing)
Greetings LLVM Devs!
I am a PhD student in the Secure Systems and Software Lab at UC
Irvine. We have been working on adding randomness into code generation
to create a diverse population of binaries. This diversity prevents
code-reuse attacks such as return-oriented-programming (ROP) by
denying the attacker information about the exact code layout. ROP has
been used in several high-profile recent
2011 Dec 09
0
[LLVMdev] [PATCH] Add the disable_aslr option that will disable the address space layout randomization under AddressSanitizer on 10.6
Options when creating a main executable
-pie This makes a special kind of main executable that is position
independent (PIE). On Mac OS X 10.5 and later, the OS the OS
will load a PIE at a random address each time it is executed.
You cannot create a PIE from .o files compiled with
-mdynamic-no-pic. That means the
2013 Dec 05
1
Re: [PATCH 1/3] po: fix broken message extraction
On Thu, Dec 05, 2013 at 04:30:04PM +0100, Pino Toscano wrote:
> Extracting separately the pot for the various languages and then
> creating manually the global pot (by manually joining the above ones
> after having stripped their headers) is wrong, since other than being
> a hack it can create an invalid pot when the same message appears in
> sources written in different languages.
2017 Sep 13
4
sanitizer test case failures after OS update
I updated one of my powerpc64le llvm test systems to Fedora 25 and I
started getting a whole bunch of sanitizer test case failures. I tried
testing some earlier revisions on the new OS that had worked fine under
the old but they generate the same errors now so it isn't any changes in
llvm.
There are two different errors:
FATAL: ThreadSanitizer: unsupported VMA range
FATAL: Found 47 -
2019 Dec 05
3
Binomial GLM coefficients
An example with a simpler model:
I have specified this model:
>formula(m2.pile)
ger ~ tem + pot + time
If I run predict it gives me:
>predict(m2.pile,newdata=data.frame(tem=25,pot=0,time=3),type="response")
0.08243262
I extract the coefficients:
> coef(m2.pile)
(Intercept) tem pot time
-1.89521331 -0.02303313 4.74499714 0.02043222
Now I calculate the
2004 May 13
2
tapply & hist
I'm learning how to use tapply.
Now I'm having a go at the following code in which dati contains almost 600
lines, Pot - numeric - are the capacities of power plants and SGruppo - text
- the corresponding six technologies ("CCC", "CIC","TGC", "CSC","CPC", "TE").
.....................................................
2011 Dec 09
2
[LLVMdev] [PATCH] Add the disable_aslr option that will disable the address space layout randomization under AddressSanitizer on 10.6
On Dec 9, 2011, at 11:46 AM, Alexander Potapenko wrote:
>> Link time is of course better.
>> But if there is a syscall (like the one used by setarch) we could call it
>> and reexec.
>> Using setenv("DYLD_NO_PIE")+reexec looks gross to me.
> There's posix_spawnattr_setflags() that can do the job
>
2011 Dec 09
2
[LLVMdev] [PATCH] Add the disable_aslr option that will disable the address space layout randomization under AddressSanitizer on 10.6
On Fri, Dec 9, 2011 at 11:24 AM, Eric Christopher <echristo at apple.com> wrote:
>
> On Dec 9, 2011, at 11:23 AM, Kostya Serebryany wrote:
>
>
>
> On Fri, Dec 9, 2011 at 11:16 AM, Eric Christopher <echristo at apple.com> wrote:
>
>>
>> On Dec 9, 2011, at 11:12 AM, Kostya Serebryany wrote:
>>
>> > Yes, we have no ASLR with -no_pie.
>>
2019 Nov 28
4
Binomial GLM coefficients
Dear R users,
I have fitted this glm model
m1.pile<-glm(ger~tem+pot+time+I(tem^2)+I(tem^2):pot
,family="binomial"
,data=long.PILE
)
Which gives us the probability of germination of a seed as a function of tem
(temperature), pot (soil moisture) and time (the time the seed spends
under those conditions).
Now I want, for different tem, pot
2017 Feb 27
3
Noisy benchmark results?
Two other things:
1) I get massively more stable execution times on 16.04 than on 14.04 on
both x86 and ARM because 16.04 does far fewer gratuitous moves from one
core to another, even without explicit pinning.
2) turn off ASLR: "echo 0 > /proc/sys/kernel/randomize_va_space". As well
as getting stable addresses for debugging repeatability, it also stabilizes
execution time
2011 Dec 09
0
[LLVMdev] [PATCH] Add the disable_aslr option that will disable the address space layout randomization under AddressSanitizer on 10.6
> As for the patch, I really don't like
> 1. 3 different cases for 3 different flavors of MacOS. How are we going
> to support it?
The first is Leopard, which we don't want to support at all. Maybe we
should check that in some other place.
The second is Snow Leopard, where ASLR is controlled by the
DYLD_NO_PIE env var, which is read by the dynamic loader.
The third is Lion,
2013 Aug 27
0
[LLVMdev] Adding diversity for security (and testing)
On Aug 26, 2013, at 2:39 PM, Stephen Crane <sjcrane at uci.edu> wrote:
> We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout.
Putting on my security hat (as opposed to