Publications

Type of Publication: Article in Collected Edition

Hardware Control Flow Integrity

Author(s):
Yier Jin; Dean Sullivan; Orlando Arias; Ahmad-Reza Sadeghi; Lucas Davi
Editor:
Per Larsen; Ahmad-Reza Sadeghi
Title of Anthology:
The Continuing Arms Race: Code-Reuse Attacks and Defenses
Pages:
181-210
Publisher:
Association for Computing Machinery and Morgan & Claypool
Publication Date:
2018
ISBN:
978-1-97000-183-9
Digital Object Identifier (DOI):
doi:10.1145/3129743.3129751

Abstract

Control-Flow Integrity (CFI) is a promising and general defense against control-flow hijacking with formal underpinnings. A key insight from the extensive research on CFI is that its effectiveness depends on the precision and coverage of a program's Control-Flow Graph (CFG). Since precise CFG generation is highly challenging and often difficult, many CFI schemes rely on brittle heuristics and imprecise, coarse-grained CFGs. Furthermore, comprehensive, fine-grained CFI defenses implemented purely in software incur overheads that are unacceptably high. In this chapter, we first specify a CFI model that captures many known CFI techniques, including stateless and stateful approaches as well as fine-grained and coarse-grained CFI policies. We then design and implement a novel hardware-enhanced CFI. Key to this approach is a set of dedicated CFI instructions that can losslessly enforce any CFG and diverse CFI policies within our model. Moreover, we fully support multi-tasking and shared libraries, prevent various forms of code-reuse attacks, and allow code protected with CFI to interoperate with unprotected legacy code. Our prototype implementation on the SPARC LEON3 is highly efficient, with a performance overhead of 1.75% on average when applied to several SPECInt2006 benchmarks and 0.5% when applied to EEMBC's CoreMark benchmark.