DOI: 10.1145/3352460.3358299
Research article (Public Access)

Practical Byte-Granular Memory Blacklisting using Califorms

Published: 12 October 2019

Abstract

Recent rapid strides in memory safety tools and hardware have improved software quality and security. While coarse-grained memory safety has improved, achieving memory safety at the granularity of individual objects remains a challenge due to high performance overheads, usually between ~1.7x and ~2.2x. In this paper, we present a novel idea called Califorms, and associated program observations, to obtain a low-overhead security solution for practical, byte-granular memory safety.
The idea we build on is called memory blacklisting, which prohibits a program from accessing certain memory regions based on program semantics. State-of-the-art hardware-supported memory blacklisting, while much faster than software blacklisting, creates memory fragmentation (on the order of a few bytes) for each use of a blacklisted location. We observe that the metadata used for blacklisting can be stored in dead spaces in a program's data memory, and that this metadata can be integrated into the microarchitecture by changing the cache line format. Using these observations, the Califorms-based system proposed in this paper reduces the performance overheads of memory safety to ~1.02x--1.16x while providing byte-granular protection and maintaining very low hardware overheads. Moreover, the fundamental idea of storing metadata in empty spaces and changing cache line formats can be used for other security and performance applications.
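The abstract's two observations, that a program's data memory already contains dead bytes (struct padding) and that those bytes can be blacklisted at byte granularity, can be made concrete with a small software model. The following is an added illustration, not code from the paper or its authors: the hardware stores the blacklist in the cache line format, whereas this model uses a separate shadow bitmap; the `struct record` layout, the bitmap and the `access_allowed` check are all assumptions made for the example. It finds the padding bytes of a struct, marks them as blacklisted, and then shows that a copy into `buf` is allowed only while it stays inside the field, so the first byte of an overflow lands on dead space and is caught.

```c
/* Added illustration (not the paper's code): a software model of byte-granular
 * memory blacklisting over the dead bytes of a struct. A shadow bitmap stands
 * in for the metadata that Califorms keeps inside the cache line. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed example record. Natural alignment leaves 3 dead bytes after `tag`
 * and 3 dead bytes after `buf` (13 bytes, so `id` is rounded up to offset 24). */
struct record {
    uint8_t  tag;      /* offset 0, then padding at 1..3 */
    uint32_t len;      /* offset 4..7 */
    char     buf[13];  /* offset 8..20, then padding at 21..23 */
    uint64_t id;       /* offset 24..31 */
};

/* Shadow blacklist: one bit per byte of the object, 1 = blacklisted. */
typedef struct { uint8_t bits[(sizeof(struct record) + 7) / 8]; } blacklist_t;

static void bl_set(blacklist_t *bl, size_t off) { bl->bits[off / 8] |= (uint8_t)(1u << (off % 8)); }
static int  bl_test(const blacklist_t *bl, size_t off) { return (bl->bits[off / 8] >> (off % 8)) & 1; }

struct field_span { size_t off, size; };

/* Every byte of the object not covered by a live field is dead space and is
 * blacklisted; this is the metadata placement the abstract describes. */
static blacklist_t record_blacklist(void) {
    const struct field_span live[] = {
        { offsetof(struct record, tag), sizeof(uint8_t) },
        { offsetof(struct record, len), sizeof(uint32_t) },
        { offsetof(struct record, buf), sizeof(((struct record *)0)->buf) },
        { offsetof(struct record, id),  sizeof(uint64_t) },
    };
    blacklist_t bl;
    memset(&bl, 0, sizeof bl);
    for (size_t off = 0; off < sizeof(struct record); off++) {
        int covered = 0;
        for (size_t i = 0; i < sizeof live / sizeof live[0]; i++)
            if (off >= live[i].off && off < live[i].off + live[i].size) covered = 1;
        if (!covered) bl_set(&bl, off);
    }
    return bl;
}

/* Number of blacklisted (dead) bytes in the object. */
static size_t record_dead_bytes(void) {
    blacklist_t bl = record_blacklist();
    size_t n = 0;
    for (size_t off = 0; off < sizeof(struct record); off++) n += (size_t)bl_test(&bl, off);
    return n;
}

/* Models the hardware check: an access [off, off+len) is allowed only if it
 * stays inside the object and touches no blacklisted byte. Returns 1/0. */
static int access_allowed(const blacklist_t *bl, size_t off, size_t len) {
    if (len == 0 || off > sizeof(struct record) || len > sizeof(struct record) - off)
        return 0;  /* outside the object altogether */
    for (size_t i = off; i < off + len; i++)
        if (bl_test(bl, i)) return 0;  /* hit a security byte: fault */
    return 1;
}

/* Convenience wrapper over the record's own blacklist. */
static int record_access_allowed(size_t off, size_t len) {
    blacklist_t bl = record_blacklist();
    return access_allowed(&bl, off, len);
}

/* Simulated copy of n bytes into buf: allowed for n <= 13, caught at n == 14
 * because byte 21 is dead space. */
static int write_buf_allowed(size_t n) {
    return record_access_allowed(offsetof(struct record, buf), n);
}

int main(void) {
    printf("sizeof(struct record) = %zu, dead bytes = %zu\n",
           sizeof(struct record), record_dead_bytes());
    printf("1-byte write to tag:      %s\n", record_access_allowed(offsetof(struct record, tag), 1) ? "allowed" : "blocked");
    printf("1-byte write to offset 1: %s\n", record_access_allowed(1, 1) ? "allowed" : "blocked");
    printf("13 bytes into buf:        %s\n", write_buf_allowed(13) ? "allowed" : "blocked");
    printf("14 bytes into buf:        %s\n", write_buf_allowed(14) ? "allowed" : "blocked");
    return 0;
}
```

Two caveats a practitioner would want: the shadow bitmap here is exactly the extra memory and extra lookup that the paper avoids by folding the metadata into the cache line format, so the model shows the semantics, not the overhead; and a struct with no natural padding has no dead bytes to blacklist, which is why the abstract frames Califorms as a combination of dead-space reuse with a changed line format rather than as padding reuse alone.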


Published In

MICRO '52: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture
October 2019, 1104 pages
ISBN: 9781450369381
DOI: 10.1145/3352460
Publisher: Association for Computing Machinery, New York, NY, United States

Author Tags

1. caches
2. memory blacklisting
3. memory safety

Qualifiers

• Research-article
• Refereed limited

Funding Sources

• DARPA
• ONR

Conference

MICRO '52
Overall Acceptance Rate: 484 of 2,242 submissions, 22%