Memory safety for low-level software/hardware interactions

John Criswell, Nicolas Geoffray, Vikram Adve

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Systems that enforce memory safety for today's operating system kernels and other system software do not account for the behavior of low-level software/hardware interactions such as memory-mapped I/O, MMU configuration, and context switching. Bugs in such low-level interactions can violate the memory safety guarantees provided by a safe execution environment and can lead to exploitable vulnerabilities in system software. In this work, we present a set of program analysis and run-time instrumentation techniques that ensure that errors in these low-level operations do not violate the assumptions made by a safety checking system. Our design introduces a small set of abstractions and interfaces for manipulating processor state, kernel stacks, memory-mapped I/O objects, MMU mappings, and self-modifying code to achieve this goal, without moving resource allocation and management decisions out of the kernel. We have added these techniques to a compiler-based virtual machine called Secure Virtual Architecture (SVA), to which the standard Linux kernel has been ported previously. Our design changes to SVA required only an additional 100 lines of code to be changed in this kernel. Our experimental results show that our techniques prevent reported memory safety violations due to low-level Linux operations and that these violations are not prevented by SVA without our techniques. Moreover, the new techniques in this paper introduce very little overhead over and above the existing overheads of SVA. Taken together, these results indicate that it is clearly worthwhile to add these techniques to an existing memory safety system.

Original language: English (US)
Title of host publication: Proceedings of the 18th USENIX Security Symposium
Publisher: USENIX Association
Pages: 83-100
Number of pages: 18
ISBN (Electronic): 9781931971690
State: Published - Jan 1 2009
Event: 18th USENIX Security Symposium - Montreal, Canada
Duration: Aug 10 2009 to Aug 14 2009

Publication series

Name: Proceedings of the 18th USENIX Security Symposium

Conference

Conference: 18th USENIX Security Symposium
Country: Canada
City: Montreal
Period: 8/10/09 to 8/14/09

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems
