CPP: A lightweight memory page management extension to prevent code pointer leakage

Journal of Systems Architecture(2022)

引用 1|浏览28
暂无评分
摘要
Protecting code pointers (e.g., return address, function pointer) from leakage is desirable from a security perspective. Isolation mechanisms have been the favored candidate to protect code pointers. However, these mechanisms result in significant performance overhead as they need to instrument extra instructions for frequent permission switching or bound checking. In this paper, we propose CPP, a novel Code Pointer-only Memory Page Management to restrict attack-critical operations for code pointers by hardware. Our hardware–software co-design allows CPP mark code pointers at page granularity that requires minor hardware modification. CPP checks the legality of their operations in parallel with instruction execution. We implement a prototype system and our evaluation shows CPP can effectively mitigate the code pointer leakage attacks with less than 2.1% performance overhead.
更多
查看译文
关键词
System security,Hardware–software co-design,Code pointer leakage,Memory safety
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要