Politecnico di Torino (logo)

Protecting Register Spilling in AArch64 Microprocessors

Andrea Fanti

Protecting Register Spilling in AArch64 Microprocessors.

Rel. Paolo Ernesto Prinetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2021

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (868kB) | Preview

Memory-related vulnerabilities can be a serious threat to modern software. Main memory is vulnerable in the way that it is not aware of its contents but instead it is designed following the von-Neumann architecture. In this architecture, the CPU hands over commands to the memory, which executes them by retrieving or writing data from or to the specified location (address). Lack of content-awareness implies that sensitive data cannot be appropriately protected against tampering, unwanted eavesdroppers and the like. Memory security has then to be implemented upstream: for instance, modern operating systems isolate running processes and forbid access of others’ memory sectors. Unfor- tunately, this is not enough: some programming languages (notably C and C++) do not provide native memory protection features, and memory management and boundary checks are demanded to programmers, who are error-prone. This results in critical consequences. Register spilling is a data management mechanism supported by modern compilers, whereby machine instructions are inserted in the compiled program to store temporary results in main memory (i.e., spilled), without the programmer being able to intervene. Register spilling occurs in two main occasions: when there are no more free registers to save a result generated by some calculation, and the result is needed later during execution of the compiled program, or when a just-called function uses one or more registers that, when respecting environmental constraints (i.e., ABI rules), have to be loaded into memory. Register spilling represents a potential source of vulnerability, as registers spilled in main memory can be corrupted if the program contains a memory corruption vulnerability. A possible baseline mindset to solve this problem would be to treat memory like an untrusted peripheral where attackers have full control and proceed accordingly from there. This is precisely what is done in this thesis. The present thesis describes experiments following this approach. In particular, the work focused on an implementation of a register spilling protector for the AArch64 backend of llvm, a framework used to create compilers, notably clang. The document presents how this feature works, alongside the analysis of its effectiveness and impact on performances if compared to similar countermeasures. The two different events that originate register spills are tackled separately, as in the latter some optimizations are possible. Spillings can optionally be protected only against tampering (integrity protection) or also against passive attackers (confidentiality protection). The implementation uses Pointer Authentication instructions, introduced with ARMv8.3-A, that allows to calculate crypto- graphic authentication codes, not only for pointers, but also for generic data.

Relators: Paolo Ernesto Prinetto
Academic year: 2021/22
Publication type: Electronic
Number of Pages: 51
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Ente in cotutela: AALTO UNIVERSITY OF TECHNOLOGY - School of Science (FINLANDIA)
Aziende collaboratrici: Huawei Technologies Oy (Finland) Co., Ltd.
URI: http://webthesis.biblio.polito.it/id/eprint/21083
Modify record (reserved for operators) Modify record (reserved for operators)