A recap of a Thotcon 2025 talk on balancing binary obfuscation with Link-Time Optimization (LTO) performance on ARM64 hardware, specifically the Nintendo Switch. The core problem: randomly shuffling function layouts for security destroys I-Cache spatial locality and tanks frame rates. The proposed solution is 'Apartment-Level Randomization' — grouping frequently-calling functions into 'apartments' using call graph analysis and a short-jump threshold, then randomizing the order of apartments rather than individual functions. The toolchain includes LIEF for binary manipulation, Capstone/XED for disassembly, and Valgrind/Kcachegrind for cache simulation and profiling. A future CI-driven optimization loop is proposed to automatically tune the apartment threshold to maximize entropy while staying within a 5% performance budget.
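
The apartment scheme summarized above, as an added example that is not code from the talk or the blog post. It assumes the threshold is a minimum call count on a call-graph edge and measures entropy as log2 of the number of apartment orderings; the recap specifies neither, and the call graph, function names and helper names are constructed.

```python
import math
import random
from collections import defaultdict

# Constructed sample call graph: (caller, callee) -> observed call count.
CALLS = {
    ("render", "draw_mesh"): 900, ("draw_mesh", "bind_tex"): 850,
    ("update", "physics_step"): 400, ("physics_step", "collide"): 380,
    ("render", "update"): 5, ("main", "render"): 1, ("main", "load_save"): 1,
}
# Constructed original link order.
LINK_ORDER = ["main", "render", "draw_mesh", "bind_tex", "update",
              "physics_step", "collide", "load_save"]

def build_apartments(calls, order, threshold):
    """Union functions joined by an edge with call count >= threshold."""
    parent = {f: f for f in order}

    def find(f):
        while parent[f] != f:
            parent[f] = parent[parent[f]]  # path halving
            f = parent[f]
        return f

    for (caller, callee), count in calls.items():
        if count >= threshold:
            parent[find(caller)] = find(callee)
    groups = defaultdict(list)
    for f in order:  # walk link order so each apartment keeps it internally
        groups[find(f)].append(f)
    return list(groups.values())

def randomize_layout(apartments, seed):
    """Shuffle apartment order only; functions inside stay adjacent."""
    shuffled = apartments[:]
    # Seeded PRNG for reproducibility (assumption); a real build would
    # draw its seed from a CSPRNG.
    random.Random(seed).shuffle(shuffled)
    return [f for apt in shuffled for f in apt]

def layout_entropy_bits(apartments):
    """log2 of the number of possible apartment orderings."""
    return math.log2(math.factorial(len(apartments)))

if __name__ == "__main__":
    for t in (1, 100, 1000):
        apts = build_apartments(CALLS, LINK_ORDER, t)
        print(t, len(apts), round(layout_entropy_bits(apts), 2),
              randomize_layout(apts, seed=2025))
```

Raising the threshold splits the graph into more apartments, which raises layout entropy and gives up locality between the functions that were separated; that is the trade-off the proposed CI loop would tune.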

5m read time. From blog.farzon.org