1/17
Formalizing Capability Machines
Is CHERI a promising target architecture for secure compilation?
Akram El-Korashy (1,2), Marco Patrignani (1), Deepak Garg (1)
1 Max Planck Institute for Software Systems, Saarbrücken
2 Max Planck Institute for Informatics, IMPRS-CS, Saarbrücken
Saarland Informatics Campus (SIC), 13 Sep 2016
2/17
What are Capability Machines? What is Secure Compilation?
Capabilities, part of the addressing mechanism
- Capabilities, unforgeable
- Permissions field enables some operations.
Secure Compilation, preserving security-relevant properties
- Full abstraction: esp. preserving observational equivalence
3/17
Goal of this thesis
Build a paper formal model of a capability machine: “CHERI”..
- ✓ Simplify instruction semantics.
- ✓ Prove capability unforgeability.
..to reason about security building blocks for secure compilation.
- Show CFI enforcement.
- ✓ Show memory compartmentalization.
- Goal is NOT to formally verify CHERI!
4/17
What is a capability?
A capability is an unforgeable token that gives its owner permission(s) to access a particular entity or object in a computer system. [Levy, 1984]
- In CHERI, a capability is normal 256-bit data, interpreted as values for region bounds, permissions, etc.
- In CHERI, a security domain owns a capability on a memory region.
5/17
If it is normal data, how to guarantee unforgeability?
Historically [Fabry, 1974], two approaches:
- “Tagged” approach (mixed data-capability): tags determine whether a capability operation is allowed.
- “Partitioned” approach (segregated data-capability): capability operations are allowed only on the capability partition of the memory.
6/17
CHERI combines both approaches [Norton, 2016, Woodruff, 2014]
(figure: two register files and memory; where are capabilities stored?)
CHERI ISA guarantees unforgeability of capabilities.
7/17
A CHERI capability in a nutshell [Woodruff et al., 2014, Watson et al., 2015]
(figure: layout of a capability) A capability is a 256-bit unforgeable value.
8/17
Overview of the CHERI machine
(figure: CHERI instruction execution)
9/17
Our formal model of the CHERI ISA
Decoupled addressing and authorization, no relative addressing.
10/17
Our formal model of the CHERI ISA - Simplifications
Our formal model:
- Word-addressable
- Based on BinOp and a couple of move operations
- Goes stuck
- Models uniprocessor
CHERI:
- Byte-addressable
- Based on complete MIPS
- Raises exceptions
- Offers synchronization instructions
11/17
Our formal model of the CHERI ISA: Examples from the Instruction Set 1/2
load rd rs cc: cc must contain a valid capability on address reg(rs) that provides the load permission.
12/17
Our formal model of the CHERI ISA: Examples from the Instruction Set 2/2
ccall cc cd: cc is a sealed code capability, cd is a sealed data capability; together they name the new protection domain to be called.
13/17
Our formal model of the CHERI ISA: Capability Unforgeability
Theorem. If a permission does not exist on an allocated address at the initial state, then this permission can never appear after any execution sequence.
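The load rule on the previous slide and the unforgeability theorem above, as an added example that is not part of the slides or of the authors' model: a toy tagged machine in Python in which every memory cell and register holds either a tagged capability (a `Cap`) or plain data (an `int`), so that writing the bit pattern of a capability through a data path yields data with the tag clear. The permission bits, the `raw_bits` layout, the register layout and the derive operations `cand_perm` and `cset_bounds` (named loosely after CHERI's CAndPerm and CSetBounds, with toy semantics) are this example's assumptions. `perms_on` computes the set the theorem talks about, the permissions any tagged capability in the state grants on an address, and `forging_attempt` shows that a store-and-reload of forged bits neither adds a permission to that set nor produces a usable capability.

```python
"""A toy tagged capability machine, in the spirit of the slides' paper model."""
from dataclasses import dataclass

# Permission bits of this toy (constructed here; CHERI's encoding is richer).
LOAD, STORE, EXEC = 1, 2, 4


class Stuck(Exception):
    """The paper model 'goes stuck' where real CHERI raises an exception."""


@dataclass(frozen=True)
class Cap:
    """A tagged capability: bounds [base, base+length) plus permission bits."""
    base: int
    length: int
    perms: int

    def covers(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.length


def fresh_state():
    """Memory m, data registers r and capability registers cr, as on the slides.
    A cell or register holds a Cap (tag set) or an int (tag clear)."""
    return {"m": {a: 0 for a in range(16)}, "r": [0] * 4, "cr": [None] * 4}


def raw_bits(cap: Cap) -> int:
    """Reading a capability as plain data: just bits, no tag (layout made up)."""
    return (cap.base << 16) | (cap.length << 8) | cap.perms


def load(st, rd: int, rs: int, cc: int) -> int:
    """load rd rs cc: cr[cc] must be a valid capability covering r[rs]
    that grants the load permission; otherwise the machine is stuck."""
    cap, addr = st["cr"][cc], st["r"][rs]
    if not isinstance(cap, Cap) or not cap.covers(addr) or not cap.perms & LOAD:
        raise Stuck(f"load via cr[{cc}] at {addr} denied")
    val = st["m"][addr]
    # A data register never carries a tag: a capability read as data is bits.
    st["r"][rd] = raw_bits(val) if isinstance(val, Cap) else val
    return st["r"][rd]


def store(st, rs: int, rd: int, cc: int) -> None:
    """store rs rd cc: write data register r[rs] to address r[rd] under cr[cc].
    Whatever lands in memory came from a data register, so its tag is clear."""
    cap, addr = st["cr"][cc], st["r"][rd]
    if not isinstance(cap, Cap) or not cap.covers(addr) or not cap.perms & STORE:
        raise Stuck(f"store via cr[{cc}] at {addr} denied")
    st["m"][addr] = int(st["r"][rs])


def cand_perm(cap: Cap, mask: int) -> Cap:
    """Derive a capability with a subset of the permissions (never a superset)."""
    return Cap(cap.base, cap.length, cap.perms & mask)


def cset_bounds(cap: Cap, base: int, length: int) -> Cap:
    """Derive a capability with narrower bounds; asking to widen is stuck."""
    if base < cap.base or base + length > cap.base + cap.length:
        raise Stuck("cannot widen bounds")
    return Cap(base, length, cap.perms)


def perms_on(st, addr: int) -> int:
    """Union of the permissions every tagged capability in the state grants on
    addr. The unforgeability theorem says this set never gains a bit."""
    caps = [c for c in st["cr"] if isinstance(c, Cap)]
    caps += [v for v in st["m"].values() if isinstance(v, Cap)]
    p = 0
    for c in caps:
        if c.covers(addr):
            p |= c.perms
    return p


def forging_attempt():
    """Store the bit pattern of an all-powerful capability and read it back.
    Returns (perms on address 8 before, perms after, whether using it is stuck)."""
    st = fresh_state()
    st["cr"][0] = Cap(base=0, length=16, perms=LOAD | STORE)  # no EXEC anywhere
    st["cr"][1] = cand_perm(st["cr"][0], LOAD)                 # read-only view
    before = perms_on(st, 8)
    st["r"][1] = raw_bits(Cap(0, 16, LOAD | STORE | EXEC))      # forged pattern
    st["r"][2] = 8
    store(st, rs=1, rd=2, cc=0)
    load(st, rd=3, rs=2, cc=1)        # comes back as data, tag clear
    st["cr"][2] = st["m"][8]          # an int, not a Cap: no authority at all
    after = perms_on(st, 8)
    stuck = False
    try:
        load(st, rd=3, rs=2, cc=2)    # authorising a load with the forged word
    except Stuck:
        stuck = True
    return before, after, stuck
```

The design point is that authority lives only in values of type `Cap`, and the only ways to produce a `Cap` are to start with one (initial state) or to derive a weaker one (`cand_perm`, `cset_bounds`); data paths (`store`, `load` into `r`) can only move or produce `int`s. That is the invariant the theorem on this slide generalises: for any address, `perms_on` is monotonically non-increasing along every execution.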
14/17
What we mean by Compartmentalization
Compartmentalization - Definition: A compartment is code and data memory, along with legal external jump destinations and load/store addresses. (similar to the paper on Micropolicies [De Amorim et al., 2015])

```java
class A {
    private fieldA1;
    public methodA1(B obj) {
        foo(obj.fieldB1);          // reads B's public field
    }
}

class B {
    public fieldB1;
    private fieldB2;

    public methodB1() {
        a_in_B1 = new A();
        a_in_B1.methodA1(this);    // crosses into A's compartment
    }
}

class Main {
    main () {
        bMain = new B();
        bMain.methodB1();          // crosses into B's compartment
    }
}
```

The slide animates a “Current Active Compartment” marker (⇐=) along the execution: main(), new B(), bMain.methodB1(), then into methodB1 (new A(), a_in_B1.methodA1(this)), then into methodA1 (foo(obj.fieldB1)), and back out through the closing braces of methodA1, methodB1 and main.
15/17
Theorem - Execution confined to compartments
A state’s restrictiveness to a compartment set is preserved by execution. Some illegal behaviours are prohibited:
(1) Illegal to load foreign capabilities
(2) Illegal to jump arbitrarily, only entry points
(3) Illegal to read/write unshared data
16/17
Summary
- Capability-based ISA
- Capability Unforgeability
- Compartmentalization Preservation
- Future: Dynamically share data
- Future: Paper formalization of a secure compiler to CHERI
Thank you!
17/17
References I
[De Amorim et al., 2015] De Amorim, A. A., Dénes, M., Giannarakis, N., Hritcu, C., Pierce, B. C., Spector-Zabusky, A., and Tolmach, A. (2015). Micro-policies: Formally verified, tag-based security monitors. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 813–830. IEEE.
[Fabry, 1974] Fabry, R. S. (1974). Capability-based addressing. Commun. ACM, 17(7):403–412.
[Levy, 1984] Levy, H. M. (1984). Capability-Based Computer Systems. Butterworth-Heinemann, Newton, MA, USA.
[Norton, 2016] Norton, R. M. (2016). Hardware support for compartmentalisation. Technical Report UCAM-CL-TR-887, University of Cambridge, Computer Laboratory.
[Watson et al., 2015] Watson, R. N., Woodruff, J., Neumann, P. G., Moore, S. W., Anderson, J., Chisnall, D., Dave, N., Davis, B., Gudka, K., Laurie, B., et al. (2015). CHERI: A hybrid capability-system architecture for scalable software compartmentalization. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 20–37. IEEE.
[Woodruff et al., 2014] Woodruff, J., Watson, R. N., Chisnall, D., Moore, S. W., Anderson, J., Davis, B., Laurie, B., Neumann, P. G., Norton, R., and Roe, M. (2014). The CHERI capability model: Revisiting RISC in an age of risk. SIGARCH Comput. Archit. News, 42(3):457–468.
[Woodruff, 2014] Woodruff, J. D. (2014). CHERI: A RISC capability machine for practical memory safety. Technical Report UCAM-CL-TR-858, University of Cambridge, Computer Laboratory.
1/2
Backup I
Semantics of ccall instruction for compartmentalization

$$
\frac{
\begin{array}{c}
m(pc) = \langle 0,\ \mathtt{ccall}\ cc\ cd\ cdd\rangle \qquad cr \vdash \mathit{callable}(cc, cd) \\
cc' = \mathit{unsealed}(cr(cc)) \qquad cd' = \mathit{unsealed}(cr(cd)) \\
pcc' = cc' \qquad cr' = \{cdd \mapsto cd'\} \qquad pc' = \mathit{compute\_call\_address}(cr(cc')) \\
pcc \vdash \mathit{executable}(pc)
\end{array}
}{
\langle m, r, cr, pc, pcc, \mathit{next\_free}\rangle \to \langle m, r, cr', pc', pcc', \mathit{next\_free}\rangle
}\ (\textsc{ccall})
$$

Compartment. A 5-tuple of sets of addresses, $c = (Code, Data, J, L, S) \in 2^{Addr} \times 2^{Addr} \times 2^{Addr} \times 2^{Addr} \times 2^{Addr}$, is called a compartment iff $(c.J \cup c.Code) \cap (c.S \cup c.Data) = \emptyset$. We refer to $c.Code \cup c.Data$ as the address space of $c$. We refer to $c.J$ as the set of legal jump targets, and $c.L$ / $c.S$ as the set of legal load/store targets.
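The (ccall) rule above, as an added example that is not part of the slides or of the authors' model: a Python transition function whose guards follow the rule's premises in order and whose result is the new state tuple. The `Cap` and `State` field names, the reading of `cr ⊢ callable(cc, cd)` as “both operands sealed with the same object type, cc executable and cd not”, `compute_call_address` returning the base of the unsealed code capability (the rule writes it as applied to `cr(cc′)`), and the sample addresses are all this example's assumptions.

```python
"""The (ccall) rule from the backup slide as a transition on the machine state."""
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Cap:
    """Capability with bounds, an executable bit and an optional seal (otype).
    Field names are this example's, not the slides' or CHERI's."""
    base: int
    length: int
    executable: bool
    otype: Optional[int] = None  # None: unsealed; an int: sealed with that type

    @property
    def sealed(self) -> bool:
        return self.otype is not None

    def covers(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.length


@dataclass(frozen=True)
class State:
    """〈m, r, cr, pc, pcc, next_free〉 as on the slides."""
    m: dict
    r: tuple
    cr: dict
    pc: int
    pcc: Cap
    next_free: int


class Stuck(Exception):
    """The model goes stuck when a premise of a rule fails."""


def callable_pair(cc: Cap, cd: Cap) -> bool:
    """Our reading of cr ⊢ callable(cc, cd) (an assumption of this example):
    both operands sealed with the same object type, cc code and cd data."""
    return (cc.sealed and cd.sealed and cc.otype == cd.otype
            and cc.executable and not cd.executable)


def unsealed(cap: Cap) -> Cap:
    return replace(cap, otype=None)


def compute_call_address(code_cap: Cap) -> int:
    # Assumption: the entry point of a sealed code capability is its base.
    return code_cap.base


def ccall(st: State, cc: str, cd: str, cdd: str) -> State:
    """One (ccall) step; each guard is one premise of the rule."""
    if st.m.get(st.pc) != ("ccall", cc, cd, cdd):          # m(pc) = 〈0, ccall cc cd cdd〉
        raise Stuck("pc does not hold this ccall")
    ccap, dcap = st.cr[cc], st.cr[cd]
    if not callable_pair(ccap, dcap):                      # cr ⊢ callable(cc, cd)
        raise Stuck("operands are not a callable pair")
    cc2, cd2 = unsealed(ccap), unsealed(dcap)             # cc', cd'
    if not (st.pcc.executable and st.pcc.covers(st.pc)):   # pcc ⊢ executable(pc)
        raise Stuck("current pc is not executable")
    # cr' = {cdd ↦ cd'}: the callee starts with only its own data capability;
    # pcc' = cc' and pc' = compute_call_address(...).
    return State(st.m, st.r, {cdd: cd2}, compute_call_address(cc2), cc2, st.next_free)


def example():
    """Constructed call from a caller domain into a callee at address 0x100.
    Returns (new pc, is pcc unsealed, capability registers the callee sees)."""
    caller_pcc = Cap(base=0x00, length=0x40, executable=True)
    callee_code = Cap(base=0x100, length=0x40, executable=True, otype=7)
    callee_data = Cap(base=0x200, length=0x20, executable=False, otype=7)
    st = State(m={0x10: ("ccall", "c1", "c2", "c3")}, r=(0, 0),
               cr={"c1": callee_code, "c2": callee_data, "c0": caller_pcc},
               pc=0x10, pcc=caller_pcc, next_free=0x300)
    st2 = ccall(st, "c1", "c2", "c3")
    return st2.pc, not st2.pcc.sealed, sorted(st2.cr)


def mismatched_seal_is_stuck() -> bool:
    """A code/data pair sealed with different object types is not callable."""
    code = Cap(0x100, 0x40, True, otype=7)
    data = Cap(0x200, 0x20, False, otype=8)
    st = State({0: ("ccall", "c1", "c2", "c3")}, (), {"c1": code, "c2": data},
               0, Cap(0, 0x10, True), 0x300)
    try:
        ccall(st, "c1", "c2", "c3")
    except Stuck:
        return True
    return False
```

Two things worth noticing in the rule itself: the caller's capability register file does not survive the call (`cr'` holds `cdd` only, so the callee cannot reach the caller's `c0` or the sealed pair), and the unsealing happens only inside the rule, so a domain holding a sealed pair can enter the callee but never inspect or modify its code and data directly.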
2/2
Backup II
Disjoint compartments. Two compartments $c_i, c_j$ are said to be disjoint, written $c_i \cap c_j = \emptyset$, iff $(c_i.Code \cup c_i.Data) \cap (c_j.Code \cup c_j.Data) = \emptyset$.

A valid set of compartments. A set $C \subset 2^{Addr} \times 2^{Addr} \times 2^{Addr} \times 2^{Addr} \times 2^{Addr}$ is a valid set of compartments iff every $c \in C$ is a compartment and

$$
\Big(\bigcup_{c_i \in C} c_i.J \cup c_i.Code\Big) \cap \Big(\bigcup_{c_i \in C} c_i.S \cup c_i.Data\Big) = \emptyset
\quad\text{and}\quad
\forall c_i, c_j \in C.\ i \neq j \Rightarrow c_i \cap c_j = \emptyset
$$

$$
\text{and}\quad
\bigcup_{c \in C} (c.L \cup c.S) \subseteq \bigcup_{c \in C} c.Data
\quad\text{and}\quad
\bigcup_{c \in C} c.J \subseteq \bigcup_{c \in C} c.Code.
$$

Capability register file and memory more restrictive than a compartment, and a compartment set. A pair of capability register file and memory $\langle cr, m\rangle$ is said to be more restrictive than a compartment and a compartment set $\langle c^*, C\rangle$, written $\langle cr, m\rangle \preceq \langle c^*, C\rangle$, iff: . . .
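The compartment definitions of Backup I and II and the confinement theorem of slide 15 (no arbitrary jumps, no reads or writes of unshared data), as an added example that is not part of the slides or of the authors' model: the predicates “is a compartment”, “disjoint” and “valid set of compartments” transcribed into Python over frozen sets of addresses, plus a checker that replays a trace of jump/load/store events against the currently active compartment and reports where execution would have to leave the compartment set. The address layout for the A / B / Main classes of slide 14, the `name` field, and the event vocabulary are constructed for this example; the real model works over capability register files and memory, which this abstraction leaves out.

```python
"""Compartments as 5-tuples of address sets, following the backup slides."""
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Compartment:
    """c = (Code, Data, J, L, S): code and data address space, legal external
    jump targets J, legal external load targets L and store targets S."""
    name: str
    Code: frozenset
    Data: frozenset
    J: frozenset
    L: frozenset
    S: frozenset

    def is_compartment(self) -> bool:
        # (c.J ∪ c.Code) ∩ (c.S ∪ c.Data) = ∅
        return not ((self.J | self.Code) & (self.S | self.Data))

    def space(self) -> frozenset:
        # the address space of c is c.Code ∪ c.Data
        return self.Code | self.Data


def disjoint(ci: Compartment, cj: Compartment) -> bool:
    return not (ci.space() & cj.space())


def union(parts) -> frozenset:
    return frozenset().union(*parts)


def valid_compartment_set(C) -> bool:
    """The 'valid set of compartments' predicate from Backup II, clause by clause."""
    cs = list(C)
    if not all(c.is_compartment() for c in cs):
        return False
    if union(c.J | c.Code for c in cs) & union(c.S | c.Data for c in cs):
        return False
    if not all(disjoint(a, b) for a, b in combinations(cs, 2)):
        return False
    loads_stores = union(c.L | c.S for c in cs)
    jumps = union(c.J for c in cs)
    return (loads_stores <= union(c.Data for c in cs)
            and jumps <= union(c.Code for c in cs))


class Violation(Exception):
    """An event that would leave the compartment set (prohibited by the theorem)."""


def owner(C, addr: int) -> Compartment:
    for c in C:
        if addr in c.Code:
            return c
    raise Violation(f"no compartment owns code address {addr}")


def step(C, cur: Compartment, kind: str, addr: int) -> Compartment:
    """Check one jump/load/store against the active compartment and return the
    compartment active afterwards (a jump to a legal entry point switches)."""
    if kind == "jump":
        if addr in cur.Code:
            return cur
        if addr in cur.J:
            return owner(C, addr)
        raise Violation(f"{cur.name}: arbitrary jump to {addr}")
    if kind == "load" and (addr in cur.Data or addr in cur.L):
        return cur
    if kind == "store" and (addr in cur.Data or addr in cur.S):
        return cur
    raise Violation(f"{cur.name}: {kind} of unshared address {addr}")


def run(C, start: Compartment, events):
    """Replay a trace; yields the active compartment after each event, or
    'violation' where the event is one the theorem rules out."""
    cur, out = start, []
    for kind, addr in events:
        try:
            cur = step(C, cur, kind, addr)
            out.append(cur.name)
        except Violation:
            out.append("violation")
    return out


# Constructed layout mirroring the A / B / Main example of slide 14:
# Main may only enter B at methodB1 (10); B may enter A at methodA1 (30) and
# return to Main (2); A may return into B (13) and read B's public fieldB1 (20).
F = frozenset
MAIN = Compartment("Main", F({0, 1, 2}), F(), F({10}), F(), F())
B = Compartment("B", F({10, 11, 12, 13}), F({20, 21}), F({30, 2}), F(), F())
A = Compartment("A", F({30, 31, 32, 33}), F({40}), F({13}), F({20}), F())
COMPARTMENTS = (MAIN, B, A)


def example():
    trace = [("jump", 10),    # Main calls methodB1: switch to B
             ("load", 21),    # B reads its own private fieldB2
             ("jump", 30),    # B calls methodA1: switch to A
             ("load", 20),    # A reads B's public fieldB1 (in A.L)
             ("load", 21),    # A reads B's private fieldB2: not shared
             ("jump", 11)]    # A jumps into the middle of B: not an entry point
    return valid_compartment_set(COMPARTMENTS), run(COMPARTMENTS, MAIN, trace)
```

The last two clauses of the validity predicate are what make the checker meaningful: every load/store target some compartment is allowed to use lies in some compartment's data, and every jump target lies in some compartment's code, so `owner` always finds the compartment a legal jump lands in and the "active compartment" is well defined along any confined execution.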