Projects per year
Abstract
Memory safety vulnerabilities are a severe threat to modern computer systems allowing adversaries to leak or modify security-critical data. To protect systems from this attack vector, full memory safety is required. As software-based countermeasures tend to induce significant runtime overheads, which is not acceptable for production code, hardware assistance is needed. Tagged memory architectures, e.g., already offered by the ARM MTE and SPARC ADI extensions, assign meta-information to memory objects, thus allowing to implement memory safety policies. However, due to the high tag collision probability caused by the small tag sizes, the protection guarantees of these schemes are limited.
This paper presents Multi-Tag, the first hardware-software co-design utilizing a multi-granular tagging structure that provides strong protection against spatial and temporal memory safety violations. By combining object-granular memory tags with page-granular tags stored in the page table entries, Multi-Tag overcomes the limitation of small tag sizes. Introducing page-granular tags significantly enhances the probabilistic protection capabilities of memory tagging without increasing the memory overhead or the system's complexity. We develop a prototype implementation comprising a gem5 model of the tagged architecture, a Linux kernel extension, and an LLVM-based compiler toolchain. The simulated performance overhead for the SPEC CPU2017 and nbench-byte benchmarks highlights the practicability of our design.
This paper presents Multi-Tag, the first hardware-software co-design utilizing a multi-granular tagging structure that provides strong protection against spatial and temporal memory safety violations. By combining object-granular memory tags with page-granular tags stored in the page table entries, Multi-Tag overcomes the limitation of small tag sizes. Introducing page-granular tags significantly enhances the probabilistic protection capabilities of memory tagging without increasing the memory overhead or the system's complexity. We develop a prototype implementation comprising a gem5 model of the tagged architecture, a Linux kernel extension, and an LLVM-based compiler toolchain. The simulated performance overhead for the SPEC CPU2017 and nbench-byte benchmarks highlights the practicability of our design.
Original language | English |
---|---|
Title of host publication | ASIA CCS 2023 - Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security |
Publisher | Association of Computing Machinery |
Pages | 177-189 |
Number of pages | 13 |
ISBN (Electronic) | 9798400700989 |
DOIs | |
Publication status | Published - 10 Jul 2023 |
Event | 2023 ACM ASIA Conference on Computer and Communications Security: ASIA CCS 2023 - Melbourne, Australia Duration: 10 Jul 2023 → 14 Jul 2023 Conference number: 2023 |
Publication series
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Conference
Conference | 2023 ACM ASIA Conference on Computer and Communications Security |
---|---|
Abbreviated title | ASIA CCS 2023 |
Country/Territory | Australia |
City | Melbourne |
Period | 10/07/23 → 14/07/23 |
Keywords
- Memory Safety
- Multi-Granular Tags
- Tagged Memory Architecture
ASJC Scopus subject areas
- Software
- Computer Networks and Communications
Fingerprint
Dive into the research topics of 'Multi-Tag: A Hardware-Software Co-Design for Memory Safety based on Multi-Granular Memory Tagging'. Together they form a unique fingerprint.-
AWARE - Hardware-Ensured Software Security
Mangard, S. (Co-Investigator (CoI))
1/05/22 → 30/04/25
Project: Research project
-
SEIZE - Secure Edge Devices For Industrial Zero-Trust Environments
Mangard, S. (Co-Investigator (CoI))
1/01/22 → 31/12/24
Project: Research project