Hardware-Software Co-design for Practical Memory Safety

Abstract

The lack of memory safety in programs written in C and C++ has provided a significant opportunity for exploitation by attackers. For example, a simple buffer overflow can lead to silent memory corruption, information leakage, or privilege escalation. Over the last three decades, both industry and academia have proposed various software and hardware solutions to address the C/C++ memory (un)safety problem. Unfortunately, prior techniques either (1) offer incomplete security coverage or (2) come with substantial memory and runtime overheads, making them impractical for real-world deployment.

This thesis demonstrates that leveraging common software trends and rethinking computer microarchitectures can efficiently circumvent the problems of traditional memory safety solutions for C and C++. Specifically, this thesis advances the state of the art in three different directions for mitigating memory safety violations—namely memory blocklisting, memory permitlisting, and exploit mitigation. First, I present CaLiForms, a hardware primitive that uses dead spaces in program memory in order to store memory blocklisting metadata without increasing the program’s memory footprint. Then, I introduce No-FAT, a secure permitlisting-based architecture that leverages the current software development trend towards using binning memory allocators to effectively enforce memory safety. Finally, I explain ZeRØ, an exploit mitigation technique that enforces code- and data-pointer integrity with zero runtime costs.
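To make the permitlisting idea concrete, here is an added toy model (not code from the thesis or from No-FAT) of why binning allocators help: when every object in an arena has the same size class, an allocation's base and size can be recovered from the pointer value alone, so a bounds check needs no per-pointer metadata. The arenas, size classes and slot counts are assumptions chosen for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy binning allocator (constructed for this example): each size class owns
 * one fixed arena, and every slot in that arena has exactly the class size. */
#define NUM_CLASSES 3
#define SLOTS_PER_ARENA 8
static const size_t class_size[NUM_CLASSES] = { 16, 32, 64 };
static uint8_t arena[NUM_CLASSES][SLOTS_PER_ARENA * 64]; /* sized for largest class */

/* Find the arena containing p, or -1 if p is not a pointer into this toy heap. */
static int arena_of(const void *p) {
    uintptr_t a = (uintptr_t)p;
    for (int c = 0; c < NUM_CLASSES; c++) {
        uintptr_t start = (uintptr_t)arena[c];
        if (a >= start && a < start + SLOTS_PER_ARENA * class_size[c]) return c;
    }
    return -1;
}

/* Derive the allocation's base and size from the pointer value alone:
 * the arena fixes the size class, and the offset modulo that size fixes the base. */
static int derive_bounds(const void *p, uintptr_t *base, size_t *size) {
    int c = arena_of(p);
    if (c < 0) return 0;
    uintptr_t start = (uintptr_t)arena[c];
    uintptr_t off = (uintptr_t)p - start;
    *base = start + (off / class_size[c]) * class_size[c];
    *size = class_size[c];
    return 1;
}

/* Returns 1 if the access [p, p+len) stays inside the allocation p points into;
 * an access that would spill into the neighbouring slot is rejected. */
int access_in_bounds(const void *p, size_t len) {
    uintptr_t base;
    size_t size;
    if (!derive_bounds(p, &base, &size)) return 0;
    return (uintptr_t)p + len <= base + size;
}

/* Hand out slot idx of size class c (no free list; enough for the demo). */
void *toy_alloc(int c, int idx) {
    return &arena[c][idx * class_size[c]];
}
```

A pointer-derived check like this is the core of what makes permitlisting cheap: the only metadata is the arena layout, which the hardware can consult at every load or store.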

Publication
Ph.D. Dissertation