CGuard: Efficient Spatial Safety for C
arXiv - CS - Cryptography and Security. Pub Date: 2021-07-22, DOI: arxiv-2107.10533
Piyus Kedia, Rahul Purandare, Udit Kumar Agarwal, Rishabh

Spatial safety violations are the root cause of many security attacks and unexpected behavior of applications. Existing techniques to enforce spatial safety work broadly at either object or pointer granularity. Object-based approaches tend to incur high CPU overheads, whereas pointer-based approaches incur both high CPU and memory overheads. SGXBounds, an object-based approach, is so far the most efficient technique that provides complete out-of-bounds protection for objects. However, a major drawback of this approach is that it restricts the application address space to 4GB. In this paper, we present CGuard, a tool that provides object-bounds protection for C applications with comparable overheads to SGXBounds without restricting the application address space. CGuard stores the bounds information just before the base address of an object and encodes the relative offset of the base address in the spare bits of the virtual address available in x86_64 architecture. For an object that can't fit in the spare bits, CGuard uses a custom memory layout that enables it to find the base address of the object in just one memory access. Our study revealed spatial safety violations in the gcc and x264 benchmarks from the SPEC CPU2017 benchmark suite and the string_match benchmark from the Phoenix benchmark suite. The execution time overheads for the SPEC CPU2017 and Phoenix benchmark suites were 44% and 25% respectively, whereas the reduction in the throughput for the Apache webserver when the CPUs were fully saturated was 30%. These results indicate that CGuard can be highly effective while maintaining a reasonable degree of efficiency.
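
The layout described in the abstract (bounds stored just before the object's base, base offset carried in the pointer's spare high bits) can be sketched as follows. This is an added illustration, not CGuard's code: the 16-bit tag width, the 8-byte size header, the reserved tag value and all `cg_*` names are assumptions, and the custom layout for objects too large for the spare bits is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Assumed for this sketch, not taken from the paper: 16 spare high bits, an
 * 8-byte size header, and tag 0xFFFF reserved for "offset not encodable". */
#define TAG_SHIFT 48
#define ADDR_MASK ((UINT64_C(1) << TAG_SHIFT) - 1)
#define TAG_POISON UINT64_C(0xFFFF)
typedef uint64_t cg_ptr;              /* tagged pointer: [offset:16 | address:48] */
static uint64_t cg_tag(cg_ptr p)  { return p >> TAG_SHIFT; }
static uint64_t cg_addr(cg_ptr p) { return p & ADDR_MASK; }

/* Allocate an object with its size stored immediately before its base. */
cg_ptr cg_alloc(uint64_t size) {
    uint64_t *hdr = malloc(sizeof(uint64_t) + size);
    if (!hdr) return 0;
    uint64_t base = (uint64_t)(uintptr_t)(hdr + 1);
    if (base & ~ADDR_MASK) { free(hdr); return 0; }  /* high bits not spare */
    *hdr = size;
    return base;                      /* offset tag starts at 0 */
}

/* Pointer arithmetic moves the address and the offset tag together. */
cg_ptr cg_add(cg_ptr p, int64_t delta) {
    uint64_t addr = (cg_addr(p) + (uint64_t)delta) & ADDR_MASK;
    uint64_t off = cg_tag(p) + (uint64_t)delta;  /* wraps high if it goes negative */
    if (cg_tag(p) == TAG_POISON || off >= TAG_POISON) off = TAG_POISON;
    return (off << TAG_SHIFT) | addr;
}

/* Return the raw pointer if [p, p+len) lies inside the object, else NULL. */
void *cg_check(cg_ptr p, uint64_t len) {
    uint64_t off = cg_tag(p);
    if (p == 0 || off == TAG_POISON) return NULL;
    uint64_t size, base = cg_addr(p) - off;      /* recover the base address */
    /* One read fetches the bounds stored just before the base. */
    memcpy(&size, (void *)(uintptr_t)(base - sizeof size), sizeof size);
    if (len > size || off > size - len) return NULL;
    return (void *)(uintptr_t)cg_addr(p);
}

int main(void) {
    cg_ptr p = cg_alloc(16), q = cg_add(p, 12);  /* constructed 16-byte object */
    if (!p) return 1;
    printf("4 bytes at +12: %s, 5 bytes at +12: %s\n",
           cg_check(q, 4) ? "ok" : "blocked", cg_check(q, 5) ? "ok" : "blocked");
    free((uint64_t *)(uintptr_t)cg_addr(p) - 1);
    return 0;
}
```

Because the tag travels with the pointer, a one-past-the-end pointer stays representable and is rejected only when it is checked for dereference.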

Updated: 2021-07-23