Mem Tag


Q & A

  • Is it possible to automatically set/check tags without changing ISA interface?

Taint tracking tags?

References:

  • Efficient Tagged Memory, ICCD, 2017.
  • CheriABI UCAM-CL-TR-932, 2019.
  • Secure program execution via dynamic information flow tracking. 2004, ASPLOS.
  • A small cache of large ranges: Hardware methods for efficiently searching, storing, and updating big dataflow tags. 2008. MICRO.
  • Hardware enforcement of application security policies using tagged memory. 2008, OSDI.
  • E. Witchel, J. Cates, and K. Asanović, Mondrian memory protection. ACM, 2002, vol. 30, no. 5
  • D. Y. Deng, Flexible and efficient accelerator architecture for runtime monitoring. Cornell University, 2016.

More

  • 2004 SigNotice: Secure Program Execution via Dynamic Information Flow Tracking
  • References: Suh, G. Edward, Jae W. Lee, David Zhang, and Srinivas Devadas. “Secure program execution via dynamic information flow tracking.” ACM Sigplan Notices 39, no. 11 (2004): 85-96. More

  • Addr San
  • Reference 1 reference ↩

  • 2012 Watchdog
  • References: Watchdog: Hardware for Safe and Secure Manual Memory Management and Full Memory Safety, Nagarakatte, Santosh, Milo MK Martin, and Steve Zdancewic. In 2012 39th Annual International Symposium on Computer Architecture (ISCA), pp. 189-200. IEEE, 2012. Identifier for all pointers: For pointers in registers: Watchdog extends every register with a sidecar identifier register. For pointers in memory: Watchdog provides a shadow memory that shadows every word of memory with an identifier for pointers.

  • 2002 Mondrian
  • References: E. Witchel, J. Cates, and K. Asanovi´c. Mondrian memory protection. In Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pages 304–316, Oct 2002. MMP: Mondrian memory protection. In constrast to earlier page-based systems, MMP allows arbitrary permissions control at granularity of individual words. a compressed permissions table to reduce space overheads employ two levels of permissions caching to reduce run-time overheads Evaluation: zero-copy networking underneath the standard read system call interface, where packet payload fragements are connected together by the translation system to avoid data copying.

  • 2005 Safemem
  • References: reference A novel use of ECC memory technology to detect first access to a user-directed memory region –> can be used to detect memory leaks and memory corruption. ECC 7 bits to protect 32 bits, or 8 bits to protect 64 bits [c18] Four modes: Disabled. Check-Only. detect single-bit and multi-bit errors. Correct-Error. + correct single-bit errors. Correct-and-Scrub. + Scrubs memory periodically to check and correct hardware errors.

  • Memory Protection Keys
  • References: Memory Protection Keys Overview: Up to 16 protection domains with 4-bit tag on each page: Four (previously unused) bits in each page-table entry can be used to assign one of sixteen “key” values to any given page. A new 32-bit processor register with two bits for each key value. Setting “write disable” bit for a given key will block all attempts to write a page with that key value; Setting “access disable” bit will block reads; MPK feature thus allows a process to partition its memory into a maximum of sixteen regions and to selectively disable or enable access to any of those regions.

  • MTE: Memory Tag Extension
  • References: Memory Tagging Extension: Enhancing memory safety through architecture Armv8.5-A Memory Tagging Extension, White Paper The Arm64 memory tagging extension in Linux MTE aims to increase the memory safety of code written in unsafe languages without requiring source changes, and in some cases, without requiring recompilation. MTE provides a mechanism to detect both main categories of memory safety violation (spatial & temporal). MTE assists the detection of potential vulnerabilities before

Created Apr 30, 2020 // Last Updated Jul 5, 2021

If you could revise
the fundmental principles of
computer system design
to improve security...

... what would you change?