REVITALIZE · Assured Recompilation of Vintage Executables via Binary Lifting: Unfreezing Legacy Software from Obsolete Toolchain Dependence

A lot of everyday infrastructure is powered by legacy software that depends on obsolete toolchains. Such software is literally “stuck in time” and cannot benefit from innovations in modern compilers such as automated security mitigations applied during compilation. There are often other undesirable consequences, such as a need to use outdated hardware platforms.Unfortunately, modernizing such legacy software isn’t as simple as taking the ancient source code (if it exists) and re-running it through a modern compiler. In practice, hidden undocumented dependencies on specific compiler versions, build systems, and other parts of older toolchains often make it infeasible to recreate legacy programs from old source code. There is also the related problem of identifying which of several surviving source code versions might be the one that corresponds to an existing authoritative binary.In this project, the PI proposes an ambitious approach that bypasses these concerns by starting at the existing authoritative binary and then “lifting” it to the intermediate representation of the LLVM compiler infrastructure. Once “lifted,” the existing software can immediately take advantage of the vast array of software reliability tools and optimization passes that already exist for LLVM. Our project will take existing x86 legacy binaries and automatically translate them to security-hardened replacement binaries for the open standard RISC-V architecture, both with and without CHERI security extensions.In order to provide assurance that replacement software revitalized via “lifting” actually performs exactly as a functional drop-in replacement of the original (but lacking security vulnerabilities lurking in the original), the PI proposes a novel use of Multivariant Execution Environments (MVEEs) for the fine-grained differential testing of replacement against original. This can also be used to confirm that existing legacy source code truly matches the authoritative binary.