isa-l/README.md
Pablo de Lara cf967e5a37 README: add section for DLL injection attack mitigations
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2023-12-21 16:05:52 +00:00

4.0 KiB

Intel(R) Intelligent Storage Acceleration Library

Build Status Package on conda-forge

ISA-L is a collection of optimized low-level functions targeting storage applications. ISA-L includes:

  • Erasure codes - Fast block Reed-Solomon type erasure codes for any encode/decode matrix in GF(2^8).
  • CRC - Fast implementations of cyclic redundancy check. Six different polynomials supported.
    • iscsi32, ieee32, t10dif, ecma64, iso64, jones64, rocksoft64.
  • Raid - calculate and operate on XOR and P+Q parity found in common RAID implementations.
  • Compression - Fast deflate-compatible data compression.
  • De-compression - Fast inflate-compatible data compression.
  • igzip - A command line application like gzip, accelerated with ISA-L.

Also see:

Building ISA-L

Prerequisites

  • Make: GNU 'make' or 'nmake' (Windows).
  • Optional: Building with autotools requires autoconf/automake/libtool packages.
  • Optional: Manual generation requires help2man package.

x86_64:

  • Assembler: nasm. Version 2.15 or later suggested (other versions of nasm and yasm may build but with limited function support).
  • Compiler: gcc, clang, icc or VC compiler.

aarch64:

  • Assembler: gas v2.24 or later.
  • Compiler: gcc v4.7 or later.

other:

  • Compiler: Portable base functions are available that build with most C compilers.

Autotools

To build and install the library with autotools it is usually sufficient to run:

./autogen.sh
./configure
make
sudo make install

Makefile

To use a standard makefile run:

make -f Makefile.unx

Windows

On Windows use nmake to build dll and static lib:

nmake -f Makefile.nmake

or see details on setting up environment here.

Other make targets

Other targets include:

  • make check : create and run tests
  • make tests : create additional unit tests
  • make perfs : create included performance tests
  • make ex : build examples
  • make other : build other utilities such as compression file tests
  • make doc : build API manual

DLL Injection Attack

Problem

The Windows OS has an insecure predefined search order and set of defaults when trying to locate a resource. If the resource location is not specified by the software, an attacker need only place a malicious version in one of the locations Windows will search, and it will be loaded instead. Although this weakness can occur with any resource, it is especially common with DLL files.

Solutions

Applications using libisal DLL library may need to apply one of the solutions to prevent from DLL injection attack.

Two solutions are available:

  • Using a Fully Qualified Path is the most secure way to load a DLL
  • Signature verification of the DLL

Resources and Solution Details