Control-Flow Integrity (CFI) is a class of defensive techniques against control-flow attacks such as Return-Oriented Programming. We propose a light-weight CFI scheme for RTOS-based applications, TZmCFI, which utilizes TrustZone for Armv8-M, a hardware-assisted security feature for embedded systems with tight resource constraints. TZmCFI embodies several existing CFI techniques to provide a comprehensive protection. The traditional shadow stack technique is used to ensure stack integrity and validate function returns. To protect exception handlers, TZmCFI extends shadow exception stacks, which are a variant of the traditional shadow stack technique we proposed in our previous work, for RTOS integration and performance improvement. We conducted an experiment on Arm Versatile Express Cortex-M Prototyping System (V2M-MPS2+) to evaluate the run-time overhead of the proposed system.

中文翻译：

---

TZmCFI：使用 TrustZone for Armv8-M 的 RTOS 感知控制流完整性

控制流完整性 (CFI) 是一类针对控制流攻击（例如面向返回编程）的防御技术。我们为基于 RTOS 的应用程序提出了一种轻量级 CFI 方案，TZmCFI，它利用 TrustZone for Armv8-M，这是一种硬件辅助安全功能，适用于具有严格资源限制的嵌入式系统。TZmCFI 体现了几种现有的 CFI 技术，以提供全面的保护。传统的影子堆栈技术用于确保堆栈完整性和验证函数返回。为了保护异常处理程序，TZmCFI 扩展了影子异常堆栈，这是我们在之前的工作中提出的传统影子堆栈技术的一种变体，用于 RTOS 集成和性能改进。