LLVM

Llsoftsecbook: an open source book on software security for compiler developers

D.llvm
Kristof Beyls
<p>Compilers play a crucial role in hardening software against security attacks. As compiler engineers we experience an increase in demand for security-related features: we simply work on security-related features more often. We find it tough to analyze whether the hardenings we implement are easy or hard to circumvent by attackers. After chatting about this with many compiler developers, our experience is that most feel their work would benefit from a deeper understanding of attacks and hardening techniques. After having looked around, we didn't find much educational material that gives a broad overview, covering all aspects compiler developers ought to know about. Therefore, we recently started an open source book titled "Low Level Software Security for Compiler developers" at https://github.com/llsoftsec/llsoftsecbook/. It aims to improve the industry-wide knowledge about security hardening in compilers and related tools; ultimately leading to more innovation and better implementations of security features. In this presentation, we'll explain the rationale for this new open source project in more detail. We will discuss what content we have so far and what content we plan to add. The project very much welcomes new contributors: we need more new content, more review of content, discussion of ideas for how to make the book better, improvement in the design and layout of the produced HTML and PDF output, etc. We hope this presentation will reach both anyone interested in learning more about low-level software security and anyone interested in helping to grow this project further.</p>

Additional information

Type devroom

More sessions

2/5/22
LLVM
D.llvm
<p>The aim of this abstract is to showcase the enhanced debuggability support added in LLVM for the Fortran language features. LLVM being emerging compiler framework, there was some gap to be bridged w.r.t. Fortran language debug info generation. This is because Fortran language has few features which are very powerful, as compared to other languages.</p> <p>Fortran dynamic arrays are one such powerful language feature. There are variety of arrays like adjustable array, assumed shape, assumed ...
2/5/22
LLVM
Pavel Kosov
D.llvm
<p>In this talk we will briefly describe how to add your own extension to C, what steps may be needed to do it. And then we will review a small example</p>
2/5/22
LLVM
Leonardo Di Donato
D.llvm
<p>eBPF is fastly becoming the first choice for implementing tracing and security-critical applications and software.</p> <p>Yet, its ecosystem lacks tooling to make developers' life easier.</p> <p>Join this talk to get to know bpfcov: an open-source tool I wrote that uses the LLVM pass infrastructure to instrument your eBPF programs to collect coverage data while they run in the eBPF VM in the Linux kernel.</p>
2/5/22
LLVM
Thomas Pietsch
D.llvm
<p>Clang and LLVM have a great history of supporting a great variety of CPUs, from 8- to 64-bits assuming they all have a smallest size of an addressable unit of 8-bits words. Despite the fact that a lot of types and there alignment can be defined with the “target datalayout” string, the “character” and “short” type have been hard-coded into clang and llvm.</p>
2/5/22
LLVM
Bernhard Rosenkränzer
D.llvm
<p>Oniro - the Eclipse Foundation's embedded operating system - is switching from libstdc++ to libc++ by default. This talk gives an overview of our experience daring to make the switch.</p>
2/5/22
LLVM
Babar Khan
D.llvm
<p>Although Linux is still the best preferred operating system, the talk begins with a problem statement regarding the dependencies of ANTLR and LLVM on Windows. To this end, the presenter will explain how these dependency issues can be resolved through an easy-to-use environment for building, installing and running native LLVM and ANTLR on Windows. Furthermore, the talk will briefly explain how we can design domain specific languages (DSLs) using a powerful combination of ANTLR and LLVM front ...