
Understanding LLVM Binary to Human-Readable File Translation Process
Learn how LLVM's binary-coded output (.bc) is transformed into a human-readable file (.ll) for easier understanding and analysis. Explore the steps involved in this translation process.
Presentation Transcript
EXERCISE 24: LLVM INSTRUMENTATION REVIEW
Write your name and answer the following on a piece of paper.
By default, opt writes its output as LLVM bitcode (<file>.bc), a binary encoding of the IR (not machine code). How is this file translated back to a human-readable file (<file>.ll)?
EXERCISE 24 SOLUTION: LLVM INSTRUMENTATION REVIEW
Run the LLVM disassembler on it: llvm-dis <file>.bc -o <file>.ll. The inverse tool, llvm-as, turns a .ll back into a .bc. Passing -S to opt (or -emit-llvm -S to clang) makes the tool emit textual IR in the first place, so no separate translation step is needed.
ADMINISTRIVIA AND ANNOUNCEMENTS
Paper review due Sunday at 11:59 PM.
CLASS PROGRESS
- Showed some applications of static dataflow
- Described a particular type of evasion against explicit dataflow: side channels
- Began to consider what we could do about it
LAST TIME: LLVM INSTRUMENTATION
Review: last lecture showed the concrete steps to using LLVM to inject measurement.
- Example: inserted printf() calls before every binary operation
- Achievable by dynamically loading a .so into LLVM, either via the optimizer (opt -load-pass-plugin=<plugin>.so -passes=<name>) or via the compiler frontend (clang -fpass-plugin=<plugin>.so)
- A new way of interacting with LLVM: as a library/framework
REFERENCE MONITORS
EECS 677: Software Security Evaluation
Drew Davidson
LECTURE OUTLINE
- Overview
- Details
- Instances
BEYOND PASSIVE ANALYSIS (REFERENCE MONITORS: OVERVIEW)
So far, our focus has been largely on detecting undesirable behavior. That's valuable:
- Ask developers to correct their own mistakes
- Empower users to forgo running bad software
LIMITATIONS OF ANALYSIS (REFERENCE MONITORS: OVERVIEW)
Detection might not be enough: we may be in a position where we can't run the analysis at all.
- Static analysis: false positives, scalability issues
- Dynamic analysis: false negatives, run-time cost
A HANDS-ON ALTERNATIVE (REFERENCE MONITORS: OVERVIEW)
Keep bad things from happening during system execution.
- Requires some sort of specification of the bad things
- Requires some sort of preventative capability
PREVENTATIVE CAPABILITIES (REFERENCE MONITORS: OVERVIEW)
- Simple form: kill the program
- Dataflow form: sanitize the data
THE BIG IDEA (REFERENCE MONITORS: OVERVIEW)
Keep programs on the straight and narrow:
- Articulate a policy for allowed behavior
- Keep a running record of security-relevant behavior
- Prevent a violation of the policy
SAFETY POLICIES (REFERENCE MONITORS: INSTANCES)
View the execution of a process as a sequence of states.
- A policy is a predicate on a prefix of that sequence
- A policy depends only on the past of a particular execution: once violated, it never un-violates
A reference monitor is incapable of handling liveness policies such as "if this server accepts a SYN, it will eventually send a response": no finite prefix of an execution can violate such a policy, so there is never a point at which the monitor has grounds to act.
CONSIDER THE REACTIVE ADVERSARY (REFERENCE MONITORS: OVERVIEW)
Definition. Reactive adversary: an adversary with the capability to understand the defense mechanism and an opportunity to avoid it.
If a defense can be avoided, it hardly matters what the enforcement does. Recall the history of the Maginot Line.
SECURITY VS PRECISION (REFERENCE MONITORS: OVERVIEW)
Program proximity is a spectrum, from far (external reference monitor) to close (inline reference monitor). The closer the monitor sits to the program, the more precisely it can observe program state, but the more exposed it is to tampering by the program itself or by an attacker who has subverted it.
REFERENCE MONITOR DESIGN (REFERENCE MONITORS: INSTANCES)
- Kernelized: baked into the kernel; coarse-grained; secure / hard to subvert
- Wrapper: a specialized execution environment around the program
- Inline: rewrite the program / hook syscalls; precise; needs no special privileges (and is therefore easier to subvert)
PROPERTIES WE CARE ABOUT (REFERENCE MONITORS: INSTANCES)
- Memory safety, e.g. programs respect aggregate type sizes, process boundaries, and the distinction between code and data
- Type safety, e.g. functions and intrinsic operations receive arguments that adhere to the type system
- Control-flow safety, e.g. every control transfer is one envisioned by the original program
KERNELIZED REFERENCE MONITOR (REFERENCE MONITORS: INSTANCES)
Semantic abstraction: a collection of running processes and files; processes are associated with users; files have ACLs.
The OS enforces various safety policies:
- File access
- Writes to a process's address space
Simplest case: the same policy for all processes of the same user.
EXAMPLE OS-LEVEL REFERENCE MONITORS (REFERENCE MONITORS: INSTANCES)
AppArmor: per-program, path-based policies loaded into the kernel; mediates file access, Linux capabilities and network use. Example rules from a profile, each explicitly denying read and write access:
  deny @{HOME}/Documents/ rw,
  deny @{HOME}/Private/ rw,
  deny @{HOME}/Pictures/ rw,
  deny @{HOME}/Videos/ rw,
  deny @{HOME}/fake/ rw,
  deny @{HOME}/.config/ rw,
  deny @{HOME}/.ssh/ rw,
  deny @{HOME}/.bashrc rw,
An explicit deny rule overrides any allow rule for the same path, including rules pulled in from included abstractions, which is how a broad profile carves out secrets such as @{HOME}/.ssh/. Note that a path ending in a trailing slash matches only the directory entry itself; denying the files inside it needs a glob such as @{HOME}/.ssh/** .
WRAPPER-LEVEL REFERENCE MONITOR (REFERENCE MONITORS: INSTANCES)
The program runs inside a specialized execution environment: each process is treated as a logical fault domain, and the environment ensures that all memory references and jumps stay within that domain.
Example: the Java Security Manager, which checks permission-sensitive operations (file, network, reflection) performed by code running in the JVM against a policy file:
  java -Djava.security.manager -Djava.security.policy==~/Program.policy Program
The JVM options must precede the class name. The double == replaces the JVM's default policy with Program.policy rather than adding to it. Caveat: the Security Manager is deprecated for removal since Java 17 (JEP 411) and permanently disabled in Java 24 (JEP 486), so it cannot be relied on as an enforcement point in current JVMs.
INLINE REFERENCE MONITORS: SASI (REFERENCE MONITORS: INSTANCES)
A Cornell project (Erlingsson and Schneider) for inline policy enforcement: change the program so that it enforces any safety policy, with allowed behavior expressed as an FSM (a security automaton). Examples:
- No division by zero
- No network send after file read
SASI: COST (REFERENCE MONITORS: INSTANCES)
Attempts to minimize the number of checks: looking at every instruction is incredibly expensive. Example: a divide-by-zero policy only needs a check before DIV instructions.
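A concrete version of the security automaton described above, and of the "policy as a predicate on an execution prefix" framing from the safety-policies slide, added here as an example; it is not code from the lecture or from the SASI project. The event and state names and the sample traces are assumptions made for the example, and a real SASI policy would be attached to the program's instructions rather than fed an explicit trace array.

```c
#include <stddef.h>
#include <stdio.h>

/* Events a program can emit. Only instructions that can produce one of these need a
   hook; every other instruction runs unmonitored (the SASI cost argument). */
enum event { EV_FILE_READ, EV_NET_SEND, EV_ACCEPT_SYN, EV_SEND_RESPONSE, EV_OTHER };

/* Automaton states for "no network send after file read". ST_VIOLATED is a sink. */
enum state { ST_START, ST_HAS_READ, ST_VIOLATED };

/* One transition. The sink is what makes the policy a safety property: the predicate
   depends only on the prefix seen so far, and once it is false it stays false. */
static enum state policy_step(enum state s, enum event e) {
    switch (s) {
    case ST_START:    return e == EV_FILE_READ ? ST_HAS_READ : ST_START;
    case ST_HAS_READ: return e == EV_NET_SEND  ? ST_VIOLATED : ST_HAS_READ;
    default:          return ST_VIOLATED;
    }
}

/* Index of the first event that moves the automaton into the sink, or -1 if the
   whole trace is allowed. A deployed monitor would kill the process at that index. */
int first_violation(const enum event *trace, size_t n) {
    enum state s = ST_START;
    for (size_t i = 0; i < n; i++) {
        s = policy_step(s, trace[i]);
        if (s == ST_VIOLATED) return (int)i;
    }
    return -1;
}

/* State after consuming the whole trace; stays ST_VIOLATED no matter what follows. */
enum state final_state(const enum event *trace, size_t n) {
    enum state s = ST_START;
    for (size_t i = 0; i < n; i++) s = policy_step(s, trace[i]);
    return s;
}

/* Liveness contrast: "every accepted SYN is eventually answered". A prefix can show
   how many responses are still pending, but no finite prefix ever proves that one
   will never arrive, so there is no point at which the monitor can justifiably act. */
int pending_responses(const enum event *trace, size_t n) {
    int pending = 0;
    for (size_t i = 0; i < n; i++) {
        if (trace[i] == EV_ACCEPT_SYN) pending++;
        else if (trace[i] == EV_SEND_RESPONSE && pending > 0) pending--;
    }
    return pending;
}

/* Constructed sample traces (assumptions for this example, not from the lecture). */
const enum event TRACE_LEAK[] = { EV_FILE_READ, EV_OTHER, EV_NET_SEND, EV_OTHER };
const enum event TRACE_OK[]   = { EV_NET_SEND, EV_FILE_READ, EV_OTHER };
const enum event TRACE_SYN[]  = { EV_ACCEPT_SYN, EV_OTHER };
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

int main(void) {
    printf("leak trace: first violation at %d\n", first_violation(TRACE_LEAK, LEN(TRACE_LEAK)));
    printf("ok trace:   first violation at %d\n", first_violation(TRACE_OK, LEN(TRACE_OK)));
    printf("syn trace:  violation %d, pending responses %d\n",
           first_violation(TRACE_SYN, LEN(TRACE_SYN)),
           pending_responses(TRACE_SYN, LEN(TRACE_SYN)));
    return 0;
}
```

The leak trace is stopped at index 2, the first network send after a file read, and the automaton stays in the sink for the benign event that follows; the SYN trace is never a violation even though a response is still outstanding, which is exactly why the monitor can enforce the first policy and not the second.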
CONSTRUCTING AN IRM (REFERENCE MONITORS: INSTANCES)
LLVM-based instrumentation: assume the source code (or at least the IR) is available, and inject enforcement instructions at the appropriate points.
  int main(int argc){
    if (argc > 0){
      return 5 / argc;
    }
  }
Leveraging static analysis: only inject checks where there is the possibility of failure. Here the division sits under the guard argc > 0, so the divisor can never be zero on that path and no check is needed.
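The slide's program before and after the rewriting an LLVM-based IRM would perform, added here as an example; it is not the lecture's own code. The enforcement hook irm_violation, the checked-division wrapper irm_sdiv and the interval test needs_div_check are hypothetical names standing in for whatever a real pass would emit, and a deployed IRM would abort in the hook rather than count.

```c
#include <limits.h>
#include <stdio.h>

/* Enforcement hook (hypothetical name). A deployed IRM would abort() here; this one
   counts violations so the instrumented functions can be exercised and checked. */
static int irm_violations = 0;
static void irm_violation(const char *what) {
    irm_violations++;
    fprintf(stderr, "IRM violation: %s\n", what);
}
int irm_violation_count(void) { return irm_violations; }

/* The check the pass injects in front of an sdiv whose divisor is not statically
   known to be nonzero. It also traps INT_MIN / -1, the other undefined sdiv. */
static int irm_sdiv(int n, int d) {
    if (d == 0)                  { irm_violation("division by zero"); return 0; }
    if (n == INT_MIN && d == -1) { irm_violation("signed overflow");  return 0; }
    return n / d;
}

/* Static analysis step: if the divisor is known to lie in [lo, hi], a check is
   only needed when that interval contains zero. */
int needs_div_check(long lo, long hi) { return lo <= 0 && 0 <= hi; }

/* The slide's program. Inside the guard argc lies in [1, INT_MAX], so
   needs_div_check(1, INT_MAX) is 0 and the division is left uninstrumented. */
int guarded(int argc) {
    if (argc > 0) {
        return 5 / argc;
    }
    return 0;
}

/* The same division without the guard: argc lies in [INT_MIN, INT_MAX], the
   interval contains zero, and the pass replaces the sdiv with the checked form. */
int unguarded(int argc) {
    return irm_sdiv(5, argc);
}

int main(int argc, char **argv) {
    (void)argv;
    printf("guarded(%d) = %d\n", argc, guarded(argc));
    int r = unguarded(0);
    printf("unguarded(0) = %d, violations so far = %d\n", r, irm_violation_count());
    return 0;
}
```

Both functions compute the same value on every argument where the original is defined; the difference is that unguarded(0) is turned from undefined behaviour into a policy violation the monitor sees, while guarded pays nothing for the check because the analysis proved it unnecessary.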
SUMMARY: REFERENCE MONITORS
Reference monitor intuition (from our perspective): dynamic program analyses that take action to alter the semantics of the program when a safety policy is violated.
Explores the semantic-gap tradeoff: being close to the target may add specificity, but may make the enforcement attackable.
NEXT TIME: CFI (REFERENCE MONITORS: INSTANCES)
Use an IRM to determine whether code violates its supergraph (the interprocedural control-flow graph). Why would we need to do this?