Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Zhenyu Ning1,2, Yinqian Zhang3, and Fengwei Zhang2
1Wayne State University, 2Southern University of Science and Technology, 3The Ohio State University
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 2
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 3
Introduction
• The RISC-V architecture is well-known for its open nature.
• Open Source, No License fee
• Open to new design and extension
• Open to challenge.
• Security problems in x86 and ARM architecture remains on RISC-V platforms.
• E.g., pointer integrity, memory boundary protection, and dynamic taint analysis.
4SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Introduction
Any effective defense on RISC-V?
5SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 6
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
7SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 0
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
8SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 0
x1 = addr1
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
9SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 0
x1 = addr3Code-pointer
Attack
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
10SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 0
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
11SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 2
Pointer Integrity
• To ensure that the pointer is not corrupted.
• Code-pointer Integrity and Data-pointer Integrity.
12SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
if *x0 = 0 then
x1 = addr1
else
x1 = addr2
jmp to x1
*x0 = 2
x1 = addr2Data-pointer
Attack
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
13SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
14SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
15SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
16SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Params
Return Addr
Frame Pointer
Local Var a
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
17SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Params
Return Addr
Frame Pointer
Random data
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
18SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Params
Return Addr
Random data
Random data
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Buffer Overflow
• Start of the attack: In most cases, a buffer overflow vulnerability.
19SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Local Var a
…
Local Var b
Local Var c
…
Stack Pointer
Params
Modified Addr
Random data
Random data
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Canary
• Stack Canary[1]: The most widely used defense to buffer overflow attack.
20SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Canary
…
Local Var a
Local Var b
…
Stack Pointer
Params
Modified Addr
Random data
Random data
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack
Pointer Integrity: Canary
• Stack Canary[1]: The most widely used defense to buffer overflow attack.
21SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Params
Return Addr
Frame Pointer
Canary
…
Local Var a
Local Var b
…
Stack Pointer
Params
Modified Addr
Random data
Random data
…
Random data
Random data
…
Stack Pointer
Buffer Overflow Attack Canary is changed
by overflow
Pointer Integrity: Canary
• Stack Canary[1]: The most widely used defense to buffer overflow attack.
• Weakness:
• Easy to bypass[2]
• Not efficient to defend against data-pointer attack
22SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Pointer Integrity: PAC
• Pointer Authentication Code[3] is introduced in 64-bit ARMv8.3 architecture.
23SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
A pointer in 64-bit system
063
Is it really necessary to use a 64-bit address?
Pointer Integrity: PAC
Is it really necessary to use a 64-bit address?
• 264 bit = 16384 PB = 16.8 millions TB = 17.2 billions GB
• Summit: 10 PB memory
• Sunway TaihuLight: 1.32 PB memory
• Linux: Up to 128 TB virtual memory
• Windows: Up to 16 TB virtual memory
24SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Pointer Integrity: PAC
• Pointer Authentication Code[3] is introduced in 64-bit ARMv8.3 architecture.
25SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
A pointer in 64-bit system
063
Pointer Integrity: PAC
• Pointer Authentication Code[3] is introduced in 64-bit ARMv8.3 architecture.
26SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
063
Virtual Address
47
PAC
4854
• Pointer Value + 64-bit Context Value + 128-bit Secret Key => PAC
• Up to 48 bits for virtual address, and at least 7 bits for PAC
Pointer Integrity: PAC
• PAC is good, but the deployment is painful.
• The mechanism is released with ARMv8.3 architecture since 2016.
• ARM does not release any processor with ARMv8.3 till now.
• The only processors with PAC support are Apple A12 and A13.
• Closed ecosystem.
• No available to system developers.
27SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Pointer Integrity: RISC-V
• RISC-V based PAC
• A group of new hardware instructions
• Forge PAC, examine PAC, strip PAC
• New registers for storing the 128-bit secret key
• Secret keys for data pointers and code pointers
• Hardware-based crypto engine
• Generate PAC from pointer and 64-bit context value
28SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 29
Memory Boundary Protection
• To ensure the memory access won’t go out of its expected boundary.
30SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
a[0]
a[1]
…
a[8]
a[9]
int a[10];
…
…
a a[0]
a[1]
…
a[8]
a[9]
a[8] = 1
…
…
a
a[8]
Memory Boundary Protection
• To ensure the memory access won’t go out of its expected boundary.
31SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
a[0]
a[1]
…
a[8]
a[9]
int a[10];
…
…
a a[0]
a[1]
…
a[8]
a[9]
a[10] = 1
…
…
a
Memory Out of Boundary
a[10]
Memory Boundary Protection: Address Sanitizer
• Address Sanitizer[4]: Use redzones to detect out-of-bound access.
32SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
a[0]
a[1]
…
a[8]
a[9]
int a[10];
…
…
a Redzone
a[0]
…
a[9]
Redzone
int a[10];
Redzone
Redzone
a
Memory Boundary Protection: Address Sanitizer
• Address Sanitizer[4]: Use redzones to detect out-of-bound access.
33SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Redzone
a[0]
…
a[9]
Redzone
int a[10];
Redzone
Redzone
a
Redzone
a[0]
…
a[9]
Redzone
a[10] = 1
Redzone
Redzone
a
a[10]Out-of-boundaccess
Memory Boundary Protection: Address Sanitizer
• Address Sanitizer[4]: Use redzones to detect out-of-bound access.
• Weakness:
• Large memory overhead
• Large performance overhead
• False negative is possible
34SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Memory Boundary Protection: Intel MPX
• Intel MPX[5]: An architecture extension dedicated for memory bound
protection.
35SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Pointer Address
Base Address of Bounds Directory
Table 0Table 1Table 2Table 3Table 4
Bound Directory
Entry 0Entry 1Entry 2Entry 3Entry 4
Bound Table 3
Pointer Address
Upper Bound
Lower Bound
Memory Boundary Protection: Intel MPX
• Intel MPX[5]: An architecture extension dedicated for memory bound
protection.
• Weakness:
• Performance overhead for two-layer translation
• Multithread not support
• Not production ready, support will be removed from GCC 9
36SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Memory Boundary Protection : RISC-V
• RISC-V based Memory Boundary Protection
37SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
063
Virtual Address
47
PAC
4854
???
• Use the head bits for memory bounds
• 9 bits if PAC is implemented
• 16 bits if PAC is not implemented
• More bits in 128-bit RISC-V architecture[6]
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 38
Dynamic Taint Analysis
• Analysis the information flow of specific objects.
• Example scenario: Privacy leakage detection
39SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
……char* password = getInput();char* copied = copy(password);printf(“copied: %s\n”, copied);……
getInput
Taint Source
printf
Taint Sink
Dynamic Taint Analysis
• Analysis the information flow of specific objects.
• Example scenario: Privacy leakage detection
40SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
……char* password = getInput();char* copied = copy(password);printf(“copied: %s\n”, copied);……
getInput
Taint Source
printf
Taint Sink
password
Tainted Variable
Dynamic Taint Analysis
• Analysis the information flow of specific objects.
• Example scenario: Privacy leakage detection
41SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
……char* password = getInput();char* copied = copy(password);printf(“copied: %s\n”, copied);……
getInput
Taint Source
printf
Taint Sink
password
Tainted Variable
copied
Dynamic Taint Analysis
• Analysis the information flow of specific objects.
• Example scenario: Privacy leakage detection
42SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
……char* password = getInput();char* copied = copy(password);printf(“copied: %s\n”, copied);……
getInput
Taint Source
printf
Taint Sink
password
Tainted Variable
copied
Taint Path Founded!
Dynamic Taint Analysis
43SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
……char* password = getInput();char* copied = copy(password);printf(“copied: %s\n”, copied);……
getInput
Taint Source
printf
Taint Sink
password
Tainted Variable
copied
• How to learn the taint propagation from “password” to“copied” ?
• Heavy instrumentation
• Add tons of instructions to monitor the data flow
Dynamic Taint Analysis
• Labelled RISC-V Architecture[7]: Every hardware request is attached
with a label.
44SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Core 0 Core 1 Core N…
Shared Last Level Cache
I/O Chipset Memory Controller
Disk Disk Disk NIC
DS-id DS-id DS-id
DS-id DS-id DS-id DS-id
CL
CLCL
Dynamic Taint Analysis
• Labelled RISC-V Architecture[7]: Every hardware request is attached
with a label.
• Use the label to represent taint flag
• Automatically propagation via hardware support
• No instrumentation required
• Use the Control Logic (CL) to achieve detection
45SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
What about the propagation outside of hardware request?
Dynamic Taint Analysis
What about the propagation outside of hardware request?
• Allocate a few bits from the unused bits in 64-bit pointer
• In coarse-gained analysis, 1 bit is sufficient
• This bit automatically transfers during the execution of data operation
instructions.
• Feed to the DS-id register during hardware request
46SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 47
Implementation
• SecLabel: Enchancing RISC-V Platform Security
48SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Source Code
Compiler IR
Modified IR
BinarySecLabel-Enabled
RISC-VPlatform
Compiler
Compiler Frontend
Compiler Backend
SecLabel Instruction-levelInstrumentation
Outline
• Introduction
• Pointer Integrity
• Memory Boundary Protection
• Dynamic Taint Analysis
• Implementation
• Conclusion
SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture 49
Conclusion
• In light of the PAC in ARMv8.3, we can leverage the open feature of
RISC-V and implement similar mechanism for pointer integrity.
• With addition bits in the head of a pointer address in 64-bit or 128-bit
RISC-V architecture, an enhanced memory boundary protection can be
deployed.
• Combining the labelled RISC-V architecture and unused bits in an
address, we are able to facilitate the existing dynamic taint analysis.
50SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture
Reference
[1] Cowan, Crispan, et al. "Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks." USENIX Security Symposium. Vol. 98. 1998.
[2] Richarte, Gerardo. "Four different tricks to bypass stackshield and stackguard protection." World Wide Web 1. 2002.
[3] Liljestrand, Hans, et al. "PAC it up: Towards pointer integrity using ARM pointer authentication." 28th USENIX Security. 2019.
[4] Serebryany, Konstantin, et al. "AddressSanitizer: A fast address sanity checker." Presented as part of the 2012 USENIX Annual Technical Conference. 2012.
[5] Oleksenko, Oleksii, et al. "Intel MPX explained: An empirical study of intel MPX and software-based bounds checking approaches." arXivpreprint arXiv:1702.00719. 2017.
[6] Wallach, Steve. “128-bit addressing in RISC-V and security.“ 5th RISC-V Workshop. 2016.
[7] Yu, Zihao, et al. "Labeled RISC-V: A new perspective on software-defined architecture." CARVV. 2017.
51SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture