11 Hits in 1.5 sec


Santosh Nagarakatte, Milo M. K. Martin, Steve Zdancewic
2014 Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization - CGO '14  
This paper proposes WatchdogLite, an ISA extension that provides hardware acceleration for a compiler implementation of pointer-based checking.  ...  Software approaches for pointer-based checking have high performance overheads.  ...  There are many similarities between Intel's concurrent work on MPX and WatchdogLite: both (1) provide hardware acceleration for compiler-based pointer-based checking, (2) use disjoint metadata for the  ... 
doi:10.1145/2581122.2544147 fatcat:tazj5xchtzb2bo532ifucxunme

Practical Byte-Granular Memory Blacklisting using Califorms [article]

Hiroshi Sasaki, Miguel A. Arroyo, M. Tarek Ibn Ziad, Koustubha Bhat, Kanad Sinha, Simha Sethumadhavan
2019 arXiv   pre-print
low hardware overheads.  ...  Recent rapid strides in memory safety tools and hardware have improved software quality and security.  ...  Compiler Our compiler-based instrumentation infers where to place security bytes within target objects, based on their type layout information.  ... 
arXiv:1906.01838v3 fatcat:7y2chqbjn5hm5juubyapprwqwe

TAG: Tagged Architecture Guide

Samuel Jero, Nathan Burow, Bryan Ward, Richard Skowyra, Roger Khazan, Howard Shrobe, Hamed Okhravi
2022 ACM Computing Surveys  
Hardware solutions based on tagging are emerging as a promising technique that provides strong security guarantees ( e.g., memory safety) while incurring minimal runtime overheads and maintaining compatibility  ...  Exemplars include Hardbound [34] , Watchdoglite [70] , and Low-fat pointers [57] .  ...  As the motivation for tagged architectures is to provide hardware acceleration for security policies, policy support is a critical factor when comparing them.  ... 
doi:10.1145/3533704 fatcat:ehnppfjyrndw5bapsmzqo32m3a

Automated Use-After-Free Detection and Exploit Mitigation: How Far Have We Gone

Binfa Gui, Wei Song, Hailong Xiong, Jeff Huang
2021 IEEE Transactions on Software Engineering  
Zhu, Hardware-accelerated compiler-based pointer checking,” in Pro- “Bounded model checking,” Handbook of Satisfiability, 2003.  ...  Hardware-based checking.  ... 
doi:10.1109/tse.2021.3121994 fatcat:35opzmr2gbg67mnftjkdedm7y4

SoK: Hardware Security Support for Trustworthy Execution [article]

Lianying Zhao, He Shuang, Shengjie Xu, Wei Huang, Rongzhen Cui, Pushkar Bettadpur, David Lie
2019 arXiv   pre-print
This has given birth to a plethora of hardware mechanisms providing trusted execution environments (TEEs), support for integrity checking and memory safety and widespread uses of hardware roots of trust  ...  In recent years, there have emerged many new hardware mechanisms for improving the security of our computer systems.  ...  Hardware can use specialized logic to accelerate costly metadata maintenance and policy check. Hardbound [29] is based on fat pointers for memory safety.  ... 
arXiv:1910.04957v1 fatcat:5luczjg34ve67nm73xso5xhzx4

Stopping Memory Disclosures via Diversification and Replicated Execution

Kangjie Lu, Meng Xu, Chengyu Song, Taesoo Kim, Wenke Lee
2018 IEEE Transactions on Dependable and Secure Computing  
We thus propose a replicated execution-based methodology to generally detect memory disclosures, regardless of their causes.  ...  For example, even the recent hardware-accelerated memory safety approach WatchdogLite [43] imposes a 29% performance overhead on the SPEC Benchmarks.  ...  We assume the hardware and OS kernel as our trusted computing base (TCB), so attacks that target the hardware (e.g., cold boot attack [26] ) and the kernel are excluded.  ... 
doi:10.1109/tdsc.2018.2878234 fatcat:4ogtfxfjofelrel6vxt2l7u4ki

Everything You Want to Know About Pointer-Based Checking

Santosh Nagarakatte, Milo Martin, Steve Zdancewic
We also describe and analyze the forthcoming Intel Memory Protection Extensions (MPX) that provides hardware acceleration for disjoint metadata and pointer checking in mainstream hardware, which is expected  ...  We have been exploring memory safety enforcement at various levels-in hardware, in the compiler, and as a hardware-compiler hybrid-in this project.  ...  Intel has announced the specification of Memory Protection Extensions (MPX) [20] for providing hardware acceleration for compiler-based pointer-based checking with disjoint metadata slated to appear  ... 

Repurposing Software Defenses with Specialized Hardware

Kanad Sinha
to existing hardware microarchitecture.  ...  One way to mitigate this problem is to complement these defenses in hardware.  ...  On an access, the hardware checks whether the tags of the pointer and accessed regions match.  ... 
doi:10.7916/d8-e6tc-kr63 fatcat:5mmez4ypdzfqffukip6xzaotve

Secure Compilation (Dagstuhl Seminar 21481)

David Chisnall, Deepak Garg, Catalin Hritcu, Mathias Payer
Secure compilation is an emerging field that puts together advances in security, programming languages, compilers, verification, systems, and hardware architectures in order to devise more secure compilation  ...  mechanisms in both software and hardware, and on developing formal verification techniques for secure compilation.  ...  Another key enabler is the emergence of new hardware features that enable efficient security enforcement: access checks on pointer dereferencing (e.g.  ... 
doi:10.4230/dagrep.11.10.173 fatcat:v7g6lttnobewnkcwkf5uxsanuy

Taking Back Control: Closing the Gap Between C/C++ and Machine Semantics

Nathan H. Burow
Defenses against such attacks range from enforcing full memory safety to protecting only select information, normally code pointers to prevent control-flow hijacking attacks.  ...  Such control-flow hijacking attacks exploit a gap between high level language semantics and the machine language that they are compiled to.  ...  A compiler-based instrumentation pass is used to add code that records and checks metadata at runtime (Section 2.2.2).  ... 
doi:10.25394/pgs.7499441.v1 fatcat:7at2etzwfrepvd5vfakfiiddf4

Bespoke Security for Resource Constrained Cyber-Physical Systems

Miguel Angel Arroyo
., software vulnerabilities, hardware side-channels) and physical systems (e.g., theft, tampering), while additionally introducing challenges of their own.  ...  We discuss available security primitives and their limitations for both hardware and software. In particular, we focus on software security threats targeting memory safety.  ...  ,passing a pointer to an object that shall remain opaque within the external module), our hardware-based implicit checks have the benefit of persistent tampering protection, even across binary module boundaries  ... 
doi:10.7916/d8-cgaj-mz52 fatcat:oagan66zandbtn65x2gsacmmtu