MicroStache: A Lightweight Execution Context for In-Process Safe Region Isolation

@inproceedings{Mogosanu2018MicroStacheAL,
  title={MicroStache: A Lightweight Execution Context for In-Process Safe Region Isolation},
  author={Lucian Mogosanu and Ashay Rane and Nathan Dautenhahn},
  booktitle={RAID},
  year={2018}
}
In this work we present MicroStache, a specialized hardware mechanism and new process abstraction for accelerating safe region security solutions. In the safe region paradigm, an application is split into safe and unsafe parts. Unfortunately, frequent mixing of safe and unsafe operations stresses memory isolation mechanisms. MicroStache addresses this challenge by adding an orthogonal execution domain into the process abstraction, consisting of a memory segment and minimal instruction set… 
ERIM: Secure, Efficient In-process Isolation with Memory Protection Keys (MPK)
TLDR
ERIM is presented, a novel technique that provides hardware-enforced isolation with low overhead on x86 CPUs, even at high switching rates (ERIM's measured overhead is less than 1% for 100,000 switches per second).
ERIM: Secure and Efficient In-process Isolation with Memory Protection Keys
Many applications can benefit from isolating sensitive data in a secure library. Examples include protecting cryptographic keys behind a narrow cryptography API to defend against vulnerabilities like
Domain Page-Table Isolation
TLDR
The results show that DPTI is a viable mechanism to isolate domains within applications using only existing mechanisms available on modern CPUs, without relying on special hardware instructions or extensions.
Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86
TLDR
Donky, an efficient hardware-software codesign for strong in-process isolation based on dynamic memory protection domains, is proposed and an open-source implementation on a RISC-V Ariane CPU and an Intel-MPK-based emulation mode for x86 is provided.
SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation
TLDR
SEIMI, a highly efficient intra-process memory isolation technique for memory-corruption defenses to protect their sensitive data, is proposed and extensive experimental results show that SEIMI outperforms existing isolation mechanisms, including both the Memory protection Keys (MPK) based scheme and the Memory Protection Extensions (MPX) based schemes, while providing secure memory isolation.
libmpk: Software Abstraction for Intel Memory Protection Keys
Intel memory protection keys (MPK) is a new hardware feature to support thread-local permission control on groups of pages without requiring modification of page tables. Unfortunately, its current
PKU Pitfalls: Attacks on PKU-based Memory Isolation Systems
TLDR
Using two recently proposed memory isolation systems, it is shown that such designs are vulnerable to generic attacks that bypass memory isolation, and it is argued that the root cause stems from a fundamentally different security model between kernel abstractions and user-level, intra-process memory isolation.
You shall not (by)pass!: practical, secure, and fast PKU-based sandboxing
TLDR
Cerberus is presented, a PKU-based sandboxing framework that overcomes limitations of existing sandboxes; it is applied to several memory isolation schemes and shown to be practical, efficient, and secure.
Garmr: Defending the gates of PKU-based sandboxing
TLDR
Garmr is presented, a PKU-based sandboxing framework that overcomes limitations of existing sandboxes; it is applied to several memory isolation schemes and shown to be practical, efficient, and secure.

References

Secure virtual architecture: a safe execution environment for commodity operating systems
TLDR
An efficient and robust approach to provide a safe execution environment for an entire operating system, such as Linux, and all its applications, by using a novel approach that exploits properties of existing memory pools in the kernel and by preserving the kernel's explicit control over memory.
Hardbound: architectural support for spatial safety of the C programming language
TLDR
A hardware bounded pointer architectural primitive that supports cooperative hardware/software enforcement of spatial memory safety for C programs is proposed, which is a new hardware primitive datatype for pointers that leaves the standard C pointer representation intact, but augments it with bounds information maintained separately and invisibly by the hardware.
No Need to Hide: Protecting Safe Regions on Commodity Hardware
TLDR
This paper revisits isolation for x86-64 and argues that hardware features enabling efficient deterministic isolation do exist and introduces MemSentry, a framework to harden modern defense systems with commodity hardware features instead of information hiding.
Architectural Support for Software-Defined Metadata Processing
TLDR
This work generalizes prior work on hardware tagging by considering a generic architecture that supports software-defined policies over metadata of arbitrary size and complexity and introduces several novel microarchitectural optimizations that keep the overhead of this rich processing low.
WatchdogLite: Hardware-Accelerated Compiler-Based Pointer Checking
TLDR
This paper proposes WatchdogLite, an ISA extension that provides hardware acceleration for a compiler implementation of pointer-based checking, which attains performance similar to prior hardware-intensive approaches without adding any hardware structures for tracking metadata.
SoftBound: highly compatible and complete spatial memory safety for C
TLDR
Inspired by HardBound, a previously proposed hardware-assisted approach, SoftBound similarly records base and bound information for every pointer as disjoint metadata, which enables SoftBound to provide spatial safety without requiring changes to C source code.
HDFI: Hardware-Assisted Data-Flow Isolation
TLDR
This paper presents hardware-assisted data-flow isolation, or, HDFI, a new fine-grained data isolation mechanism that is broadly applicable and very efficient, and enforces isolation at the machine word granularity.
Efficient software-based fault isolation
TLDR
It is demonstrated that for frequently communicating modules, implementing fault isolation in software rather than hardware can substantially improve end-to-end application performance.
IMIX: In-Process Memory Isolation EXtension
TLDR
IMIX is a lightweight, in-process memory isolation extension for Intel-based x86 CPUs that extends the x86 ISA with a new memory-access permission to mark memory pages as security sensitive; it can be leveraged as a primitive to protect the data of a wide variety of memory-corruption defenses.
GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation
TLDR
This paper presents a new, co-designed compiler and architecture called GhostRider for supporting privacy-preserving computation in the cloud; the approach is formalized and proven to be memory trace oblivious (MTO).