Session Type
Keynote
Date & Time
Wednesday, April 10, 2024, 9:10 AM - 10:00 AM
Name
Does LLVM implement security hardenings correctly? A BOLT-based static analyzer to the rescue?
Location Name
Ballroom
Abstract/s
In the past decade, security has become one of the 3 key areas in compiler design and implementation, next to correctly translating to assembly and optimization. In comparison to general correctness and optimization, we're lacking tools to test correct code generation of security hardening features. This presentation shows the results of an experiment to build a prototype binary static analyzer for 2 security hardening features (pac-ret, stack clash) using BOLT. The results are promising and I propose to integrate this into the upstream BOLT project to enable us to implement higher-quality security mitigations in LLVM and other compilers.
Speakers
Moderator
Tanya Lattner