LLVM's BOLT Being Adapted To Analyze Security Hardening Of Binaries

Written by Michael Larabel in LLVM on 4 April 2024 at 07:35 AM EDT. 4 Comments
LLVM
LLVM's BOLT is an amazing tool for optimizing the layout of binaries and in turn can lead to some mighty useful performance improvements. But now an Arm compiler engineer has taken to leveraging BOLT for creating a binary analysis tool to vet the correctness of security hardening options.

Arm compiler engineer Kristof Beyls has taken to coming up with an initial proof of concept for a BOLT-based solution to evaluate the security hardening of binary files.
"We lack good tools to verify correct code generation for security hardening features. Most security hardening features are tested by just a small number of regression tests. Just running large amounts of code compiled with security hardening features doesn’t test them well: it checks if the program still produces the expected output for a given input, but it does not check if it makes it harder to maliciously exploit the binary.

This RFC proposes building a static binary analyzer that can scan binaries to verify that a given hardening feature has been applied correctly across the whole binary. I’ve built a prototype on top of BOLT and propose to improve it enough to be able to upstream it."

In an RFC posting on the LLVM Discourse, Kristof Beyls outlines his initial work on leveraging BOLT for this security hardening analysis purposes -- well outside the original BOLT performance intentions when developed by Facebook/Meta.

The tool would aim to verify features like the stack protector, stack clash protection, branch protection, control flow protections, and more.The binary analysis tool would verify the hardening features across the entire program and be much more verbose than the limited security hardening tests used today.

The initial code is called the "llvm-bolt-gadget-scanner" and is in prototype form. Results so far are promising and hopeful that a useful binary scanner can be built. With support of other upstream LLVM developers, there is hope of being able to upstream such a tool into the codebase.

In addition to the aforelinked RFC message, the prototype code of this gadget scanner can be found on GitHub.
4 Comments
Related News
LLVM/Clang 18.1 Released With Intel AVX10.1 Work, Adds Clearwater Forest & Panther Lake
Meta Continues Working On BOLT'ing The Linux Kernel For Greater Performance
LLVM/Clang Can Work Fine As A GCC Replacement For Linux Distributions
LLVM 18.1-rc1 Released For Enabling New Intel CPU Features, More C23 & C++23
Autocheck To Check If Your C++ Code Is Safe For Automobiles & Safety Critical Systems
LLVM 18 Planned For Release In Early March
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
Ubuntu 24.04 LTS Downloads Now Available
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
QEMU 9.0 Released WIth True Multi-Queue Support For VirtIO Block Driver