GANDALF: A Fine-Grained Hardware–Software Co-Design for Preventing Memory Attacks

Illegal memory accesses are a serious security vulnerability that have been exploited on numerous occasions. In this letter, we present Gandalf, a compiler assisted hardware extension for the OpenRISC processor that thwarts all forms of memory-based attacks. We associate lightweight capabilities to all program variables, which are checked at run time by the hardware. Gandalf is transparent to the user and does not require significant OS modifications. Moreover, it achieves locality and incurs minimal overheads in the hardware. We demonstrate these features with a customized Linux kernel executing SPEC2006 benchmarks. To the best of our knowledge, this is the first work to demonstrate a complete solution for hardware-based memory protection schemes for embedded platforms.

[1]  Mark Horowitz,et al.  Implementing an untrusted operating system on trusted hardware , 2003, SOSP '03.

[2]  Milo M. K. Martin,et al.  SoftBound: highly compatible and complete spatial memory safety for c , 2009, PLDI '09.

[3]  Miguel Castro,et al.  Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors , 2009, USENIX Security Symposium.

[4]  Meikang Qiu,et al.  Security protection and checking for embedded system integration against buffer overflow attacks via hardware/software , 2006, IEEE Transactions on Computers.

[5]  Hovav Shacham,et al.  Return-Oriented Programming: Systems, Languages, and Applications , 2012, TSEC.

[6]  Bob Martin,et al.  2010 CWE/SANS Top 25 Most Dangerous Software Errors , 2010 .

[7]  Jonathan M. Smith,et al.  Low-fat pointers: compact encoding and efficient gate-level implementation of fat pointers for spatial safety and capability-based security , 2013, CCS.

[8]  Chester Rebeiro,et al.  Shakti-T: A RISC-V Processor with Light Weight Security Extensions , 2017, HASP@ISCA.

[9]  Yunheung Paek,et al.  HDFI: Hardware-Assisted Data-Flow Isolation , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[10]  Carlos V. Rozas,et al.  Intel® Software Guard Extensions (Intel® SGX) Support for Dynamic Memory Management Inside an Enclave , 2016, HASP 2016.

[11]  John L. Henning SPEC CPU2006 benchmark descriptions , 2006, CARN.

[12]  Milo M. K. Martin,et al.  Watchdog: Hardware for safe and secure manual memory management and full memory safety , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[13]  A. One,et al.  Smashing The Stack For Fun And Profit , 1996 .

[14]  Ahmad-Reza Sadeghi,et al.  HAFIX: Hardware-Assisted Flow Integrity eXtension , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[15]  Ruby B. Lee,et al.  Enlisting Hardware Architecture to Thwart Malicious Code Injection , 2004, SPC.

[16]  Carla E. Brodley,et al.  SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address , 2006, IEEE Transactions on Computers.

[17]  Milo M. K. Martin,et al.  WatchdogLite: Hardware-Accelerated Compiler-Based Pointer Checking , 2014, CGO '14.