similar to: [LLVMdev] GSOC project on KCoFI

Hi I want to pursue a project based to improve the existing KCoFI method which is the Control Flow integrity method for commodity os. Since KCoFI is a llvm based project I plan to undertake the project to improve the existing KCoFI method. Following are the improvements that I want to pursue: 1. To improve the call graph used in KCoFI. Implement a stronger call graph. 2. Port the KCoFI to

> From the provided documentation I understood that in memory data > structures of a PNaCl program are incompatible to the host program because > ABIs are different (e.g. PNaCl pointers are always 32-bit even when running > on x86_64 platform). > So PNaCl program can't access any data structures of the host program > directly. The only communication way is by using syscalls,

Am 19.06.2013 18:01, schrieb JF Bastien: > > From the provided documentation I understood that in memory data > structures of a PNaCl program are incompatible to the host program > because ABIs are different (e.g. PNaCl pointers are always 32-bit > even when running on x86_64 platform). > So PNaCl program can't access any data structures of the host >

2015-09-01 11:38 GMT+08:00 John Criswell <jtcriswel at gmail.com>: > On 8/31/15 10:43 PM, 慕冬亮 via llvm-dev wrote: > > I want to create an experiment to show the effectiveness of cfi : > For example , > I first need a program with vulnerability so that we can hijack its > control flow; > > then I enforce cfi of llvm and we can't hijack its control flow. > >

On 18 June 2013 15:27, Dmitri Rubinstein <dmitri.rubinstein at googlemail.com>wrote: > Is it possible to use PNaCl infrastructure (i.e. translation and execution > in a sandbox) without a Chrome ? > > I mean a something like a standalone VM like Java or Mono/C#. > Yes. The NaCl tool 'sel_ldr' will run a program inside a sandbox outside of the web browser. We do a

Awesome! Thanks so so much! I'm very interested in doing some work with compilers. Yeah, I'm considering writing a research proposal where I work for JIT-SFI, SFI Evasion Technique and Mitigation, and a few other things. Considering your experience working on modifying llvm, what would you say would be a topic where I could start out doing some good work on, either in a new direction or

From the provided documentation I understood that in memory data structures of a PNaCl program are incompatible to the host program because ABIs are different (e.g. PNaCl pointers are always 32-bit even when running on x86_64 platform). So PNaCl program can't access any data structures of the host program directly. The only communication way is by using syscalls, but the document does not

I want to create an experiment to show the effectiveness of cfi : For example , I first need a program with vulnerability so that we can hijack its control flow; then I enforce cfi of llvm and we can't hijack its control flow. Do you have any advice for me? - mudongliang -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi everyone, I've been working on control-flow integrity (CFI) techniques over LLVM, and I'd like to get feedback on these techniques and their potential usefulness as a part of LLVM. I'd like to submit some patches for this; I've implemented a version of it, and I've applied it to large, real-world programs like Chromium to see how well it holds up in practice. TL;DR: my

Hello, We (the Portable Native Client team) would like to start upstreaming our LLVM modifications which contain support for Software Fault Isolation (SFI) as required for sandboxing programs to run under Native Client. Since the "total patch size" is quite big, we are splitting the effort to manageable chunks that can be committed, tested and reviewed separately as independently as

On 5/24/12 5:41 AM, Duncan Sands wrote: > Hi Kostya, I'm also curious to know where Nuno is going with this, and the > details of his design. I'm worried he might be reinventing the wheel. I'm > also worried that he may be inventing a square wheel :) I believe Nuno's goal is to prevent run-time exploitation of software. Nuno, please correct me if I'm wrong. And

On Thu, May 24, 2012 at 9:23 PM, John Criswell <criswell at illinois.edu>wrote: > On 5/24/12 5:41 AM, Duncan Sands wrote: > > Hi Kostya, I'm also curious to know where Nuno is going with this, and > the > > details of his design. I'm worried he might be reinventing the wheel. > I'm > > also worried that he may be inventing a square wheel :) > >

Hi Greg, Our repos are public already, hosted on the Chromium infrastructure. Our builds are based out of the Native Client repository. The nacl git mirror is at http://git.chromium.org/native_client/src/native_client.git (no gitweb, sorry). That repo has pointers to a bunch of other repos which make pnacl (LLVM, clang, binutils, and a few others. see the file pnacl/DEPS for more). But if you just

Hi Eli, > we are splitting the effort to manageable chunks that can > be committed, tested and reviewed separately as > independently as feasible I'd be interested in experimenting with this stuff sooner than later. Could you dump all the patches in a publicly accessible repo? How about Github? Thanks, Greg On Tue, Dec 4, 2012 at 3:53 PM, Eli Bendersky <eliben at

Hi Fangrui, As you noted we are working on helping our NaCl users transition to WebAssembly and new web APIs that cover the functionality offered by NaCl. In terms of actually turning down the platform features, we recently announced a timeline at https://blog.chromium.org/2020/01/moving-forward-from-chrome-apps.html. In terms of LLM, I would prefer to keep the support we have in the tree until

Context: We use MCJIT to generate machine code in our LLVM based JIT compiler. The code generation process has roughly 5 steps: 0. Generate and optimize LLVM IR. 1. Call generateCodeForModule on the output of (0) to translate LLVM IR to machine code. 2. Figure out the final locations for the code and data generated by MCJIT using an allocator specific to our runtime. Make

I read a lot of white papers, but is there not any open source implementation of SFI or artificial diversity? I google around, but I can't find anywhere anything regarding what I could openly download. In the same respect, I would also like to make an innovation proposal to create such an endeavor if there is not one already. -------------- next part -------------- An HTML attachment was

Hi all, BitstreamReader is the only in-tree client of the DataStreamer and MemoryObject interfaces. In practice when using user-facing LLVM tools, the bitcode will normally either be in memory or in a file, so the best way to access it is through memory, either directly or memory mapped. As part of some refactorings I am making to BitstreamReader, I would like to simplify it by changing it to

On May 31, 2011, at 7:36 PM, Samuel Crow wrote: <snip> >> >> Now my idea for a whacky backend: Just a wrapper of the bitcode writer with its >> own special target triple: bitcode-tarrget-neutral and a generic data layout >> that aligns to single bytes as a placeholder only. It should disallow >> overriding the alignment of individual instructions to avoid

Hi all, If it's not the right place to ask, please forgive me. Currently I'm working on a new operating system concept, called "Om". The first feature would be Android-like apps, coming in *.opk files that would contain all needed resources and source-code expressed in LLVM-IR assembly language. http://sett.com/openminded-os/uid/88508 How does it sound ? Julien