Memory vulnerabilities are a major threat to many computing systems. To effectively thwart spatial and temporal memory vulnerabilities, full logical memory safety is required. However, current mitigation techniques for memory safety are either too expensive or trade security against efficiency. One promising attempt to detect memory safety vulnerabilities in hardware is memory coloring, a security policy deployed on top of tagged memory architectures. However, due to the memory storage and bandwidth overhead of large tags, commodity tagged memory architectures usually only provide small tag sizes, thus limiting their use for security applications. Irrespective of logical memory safety, physical memory safety is a necessity in hostile environments prevalent for modern cloud computing and IoT devices. Architectures from Intel and AMD already implement transparent memory encryption to maintain confidentiality and integrity of all off-chip data. Surprisingly, the combination of both, logical and physical memory safety, has not yet been extensively studied in previous research, and a naive combination of both security strategies would accumulate both overheads. In this paper, we propose CrypTag, an efficient hardware/software co-design mitigating a large class of logical memory safety issues and providing full physical memory safety. At its core, CrypTag utilizes a transparent memory encryption engine not only for physical memory safety, but also for memory coloring at hardly any additional costs. The design avoids any overhead for tag storage by embedding memory colors in the upper bits of a pointer and using these bits as an additional input for the memory encryption. A custom compiler extension automatically leverages CrypTag to detect logical memory safety issues for commodity programs and is fully backward compatible.
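The mechanism the abstract describes, colors carried in the upper pointer bits and fed as an extra tweak into the memory encryption engine, can be modelled in a few dozen lines. The Python below is an added illustration, not code from the CrypTag paper or its authors. Everything concrete in it is an assumption made for the model: 4 color bits at the top of a 64-bit pointer, a 16-byte encryption granule, a keyed BLAKE2b keystream plus HMAC standing in for the hardware cipher and its integrity tag, a read-modify-write check on stores into an existing granule, and a toy allocator that re-encrypts a granule under a fresh color when it is freed. With those assumptions, an out-of-bounds access from an adjacent object and a dangling-pointer access after free both fail the integrity check because the pointer's color no longer matches the color the granule was encrypted under.

```python
import hashlib
import hmac

COLOR_BITS = 4                       # assumption: 4 color bits in the top of the pointer
PTR_BITS = 64
COLOR_SHIFT = PTR_BITS - COLOR_BITS
ADDR_MASK = (1 << COLOR_SHIFT) - 1
GRANULE = 16                         # assumption: 16-byte encryption/coloring granule


class ColorMismatch(Exception):
    """Integrity tag of a granule did not verify under the pointer's color."""


def color_pointer(addr: int, color: int) -> int:
    """Embed `color` in the upper COLOR_BITS of `addr`; address bits are untouched."""
    assert 0 <= color < (1 << COLOR_BITS)
    return (color << COLOR_SHIFT) | (addr & ADDR_MASK)


def split_pointer(ptr: int):
    """Return (address, color); only the address reaches the memory system."""
    return ptr & ADDR_MASK, ptr >> COLOR_SHIFT


class EncryptedMemory:
    """Simulated off-chip memory holding (ciphertext, tag) per granule.

    Stand-in for a memory encryption engine (model, not CrypTag's cipher):
    keyed BLAKE2b keystream XOR tweaked by (granule address, color) for
    confidentiality, HMAC over the same tweak plus ciphertext for integrity.
    Folding the color into the tweak is what turns the engine into a color checker.
    """

    def __init__(self, key: bytes):
        self.key = key
        self.cells = {}              # granule address -> (ciphertext, tag)

    def _tweak(self, addr: int, color: int) -> bytes:
        return addr.to_bytes(8, "little") + bytes([color])

    def _keystream(self, addr: int, color: int) -> bytes:
        return hashlib.blake2b(self._tweak(addr, color), key=self.key,
                               digest_size=GRANULE).digest()

    def _tag(self, addr: int, color: int, ct: bytes) -> bytes:
        return hmac.new(self.key, self._tweak(addr, color) + ct, "sha256").digest()

    def _verify(self, addr: int, color: int) -> bytes:
        ct, tag = self.cells[addr]
        if not hmac.compare_digest(tag, self._tag(addr, color, ct)):
            raise ColorMismatch(f"granule {addr:#x} not accessible with color {color}")
        return ct

    def _write(self, addr: int, color: int, data: bytes) -> None:
        ks = self._keystream(addr, color)
        ct = bytes(p ^ k for p, k in zip(data, ks))
        self.cells[addr] = (ct, self._tag(addr, color, ct))

    def store(self, ptr: int, data: bytes) -> None:
        addr, color = split_pointer(ptr)
        assert addr % GRANULE == 0 and len(data) == GRANULE
        if addr in self.cells:       # assumption: existing granule is read-modify-written, so verify
            self._verify(addr, color)
        self._write(addr, color, data)

    def load(self, ptr: int) -> bytes:
        addr, color = split_pointer(ptr)
        ct = self._verify(addr, color)
        ks = self._keystream(addr, color)
        return bytes(c ^ k for c, k in zip(ct, ks))

    def recolor(self, addr: int, color: int) -> None:
        """Privileged allocator path: re-encrypt a granule under a new color (model assumption)."""
        self._write(addr, color, bytes(GRANULE))


class ColoringAllocator:
    """Toy bump allocator: one granule per allocation, each with a fresh color.
    Assumption: free() recolors the granule, so dangling pointers keep a stale color."""

    def __init__(self, mem: EncryptedMemory, base: int = 0x1000):
        self.mem, self.next_addr, self.next_color = mem, base, 1

    def _fresh_color(self) -> int:
        c = self.next_color
        self.next_color = 1 + (self.next_color % ((1 << COLOR_BITS) - 1))   # cycles 1..15
        return c

    def alloc(self) -> int:
        addr, self.next_addr = self.next_addr, self.next_addr + GRANULE
        ptr = color_pointer(addr, self._fresh_color())
        self.mem.store(ptr, bytes(GRANULE))                                   # zero-filled
        return ptr

    def free(self, ptr: int) -> None:
        addr, _ = split_pointer(ptr)
        self.mem.recolor(addr, self._fresh_color())


def _denied(op) -> bool:
    try:
        op()
        return False
    except ColorMismatch:
        return True


def demo() -> dict:
    """Two adjacent objects; an overflow store and a use-after-free load are both caught."""
    mem = EncryptedMemory(key=b"\x2a" * 32)          # constructed fixed key for determinism
    heap = ColoringAllocator(mem)
    a, b = heap.alloc(), heap.alloc()                # adjacent granules, colors 1 and 2
    mem.store(a, b"A" * GRANULE)
    mem.store(b, b"B" * GRANULE)
    out = {"valid": mem.load(b) == b"B" * GRANULE}
    # spatial: a + GRANULE keeps a's color but lands in b's granule
    out["overflow_detected"] = _denied(lambda: mem.store(a + GRANULE, b"X" * GRANULE))
    out["b_intact"] = mem.load(b) == b"B" * GRANULE
    heap.free(b)                                     # temporal: b is recolored on free
    out["uaf_detected"] = _denied(lambda: mem.load(b))
    return out
```

Pointer arithmetic within an object (`a + GRANULE`) never touches the color bits, which is why the overflowing store still presents color 1 at an address encrypted under color 2 and is rejected. The model also shows the storage argument from the abstract: the color is never written to memory as a tag, it only changes the ciphertext and integrity tag that the engine produces.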