29,011 research outputs found
Shining Light On Shadow Stacks
Control-Flow Hijacking attacks are the dominant attack vector against C/C++
programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the
forward edge,i.e., indirect calls through function pointers and virtual calls.
Protecting the backward edge is left to stack canaries, which are easily
bypassed through information leaks. Shadow Stacks are a fully precise mechanism
for protecting backwards edges, and should be deployed with CFI mitigations. We
present a comprehensive analysis of all possible shadow stack mechanisms along
three axes: performance, compatibility, and security. For performance
comparisons we use SPEC CPU2006, while security and compatibility are
qualitatively analyzed. Based on our study, we renew calls for a shadow stack
design that leverages a dedicated register, resulting in low performance
overhead, and minimal memory overhead, but sacrifices compatibility. We present
case studies of our implementation of such a design, Shadesmar, on Phoronix and
Apache to demonstrate the feasibility of dedicating a general purpose register
to a security monitor on modern architectures, and the deployability of
Shadesmar. Our comprehensive analysis, including detailed case studies for our
novel design, allows compiler designers and practitioners to select the correct
shadow stack design for different usage scenarios.Comment: To Appear in IEEE Security and Privacy 201
Recommended from our members
Percolation scheduling for non-VLIW machines
Percolation Scheduling, a technique for compile-time code parallelization, has proven very successful for exploiting fine-grain irregular parallelism in ordinary programs. Currently, this technology is targeted only to VLIW (Very Long Instruction Word) machines, which have the advantages of 'free' synchronization and communication. Shared memory multi-processors can simulate the execution characteristics of VLIW machines with the use of static barriers. Preliminary results show that Percolation Scheduling can be used with good results on this type of architecture by increasing the granularity from operation level to source statement level, removing any redundant synchronization, and providing an efficient implementation of multi-way jumps
Toward an architecture for quantum programming
It is becoming increasingly clear that, if a useful device for quantum
computation will ever be built, it will be embodied by a classical computing
machine with control over a truly quantum subsystem, this apparatus performing
a mixture of classical and quantum computation.
This paper investigates a possible approach to the problem of programming
such machines: a template high level quantum language is presented which
complements a generic general purpose classical language with a set of quantum
primitives. The underlying scheme involves a run-time environment which
calculates the byte-code for the quantum operations and pipes it to a quantum
device controller or to a simulator.
This language can compactly express existing quantum algorithms and reduce
them to sequences of elementary operations; it also easily lends itself to
automatic, hardware independent, circuit simplification. A publicly available
preliminary implementation of the proposed ideas has been realized using the
C++ language.Comment: 23 pages, 5 figures, A4paper. Final version accepted by EJPD ("swap"
replaced by "invert" for Qops). Preliminary implementation available at:
http://sra.itc.it/people/serafini/quantum-computing/qlang.htm
Time Protection: the Missing OS Abstraction
Timing channels enable data leakage that threatens the security of computer
systems, from cloud platforms to smartphones and browsers executing untrusted
third-party code. Preventing unauthorised information flow is a core duty of
the operating system, however, present OSes are unable to prevent timing
channels. We argue that OSes must provide time protection in addition to the
established memory protection. We examine the requirements of time protection,
present a design and its implementation in the seL4 microkernel, and evaluate
its efficacy as well as performance overhead on Arm and x86 processors
- …