ABSTRACT
Memory safety is paramount for secure systems. Pointer-based memory safety relies on additional information (metadata) to check the validity of a pointer when it is dereferenced. These metadata operations introduce significant performance overhead. This paper presents HWST128, a system that reduces this overhead through hardware/software co-design: it achieves both spatial and temporal safety by combining microarchitectural support, pointer analysis in the compiler, and metadata compression. HWST128 is the first complete solution for memory safety (spatial and temporal) on RISC-V. The system is implemented and tested on a Xilinx ZCU102 FPGA board, adding 1536 LUTs (+4.11%) and 112 FFs (+0.66%) on top of a Rocket Chip processor. HWST128 is 3.74× faster than the equivalent software-based safety system on the SPEC2006 benchmark suite while providing similar or better security coverage on the Juliet test suite.
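As an added illustration (not the paper's code, and not HWST128's actual metadata layout), the following C program models the pointer-based metadata checking the abstract refers to, in the style of the SoftBound/CETS software schemes: every checked pointer carries base/bound metadata for the spatial check and a key/lock pair for the temporal check, and both are verified at each access. The struct layout and the names cptr_t, cmalloc, cfree and cp_check are assumptions made for this example; a hardware scheme such as HWST128 moves this check and the metadata handling into the microarchitecture to cut the overhead the abstract describes.

```c
#include <stdint.h>
#include <stdlib.h>

/* Constructed model of pointer-based metadata checking (SoftBound/CETS style),
 * not HWST128's metadata layout. Each checked pointer carries base/bound for the
 * spatial check and a key/lock pair for the temporal check. */
typedef struct {
    char *ptr;        /* raw pointer value the program manipulates */
    char *base;       /* lowest valid address of the allocation */
    char *bound;      /* one past the highest valid address */
    uint64_t key;     /* allocation identity captured when the pointer was created */
    uint64_t *lock;   /* lock slot owned by the allocation; cleared on free */
} cptr_t;

enum { CHK_OK = 0, CHK_SPATIAL = 1, CHK_TEMPORAL = 2 };

static uint64_t next_key = 1;

/* Allocate n bytes and attach fresh metadata. The lock slot is never freed here so
 * that a dangling pointer can still be checked against it (CETS keeps a lock table). */
cptr_t cmalloc(size_t n) {
    cptr_t p;
    p.ptr = p.base = malloc(n);
    p.lock = malloc(sizeof *p.lock);
    if (!p.base || !p.lock) abort();
    p.bound = p.base + n;
    p.key = next_key++;
    *p.lock = p.key;
    return p;
}

/* Free the object and invalidate its lock, so every copy of the pointer goes stale. */
void cfree(cptr_t p) { *p.lock = 0; free(p.base); }

/* Check an n-byte access at p.ptr: temporal check first, then spatial bounds check. */
int cp_check(cptr_t p, size_t n) {
    uintptr_t a = (uintptr_t)p.ptr;
    if (*p.lock != p.key) return CHK_TEMPORAL;
    if (a < (uintptr_t)p.base || a + n > (uintptr_t)p.bound) return CHK_SPATIAL;
    return CHK_OK;
}

/* Three scenarios; each returns the check result (0 ok, 1 spatial, 2 temporal). */
int demo_in_bounds(void)      { cptr_t p = cmalloc(16); p.ptr += 8;  int r = cp_check(p, 8); cfree(p); return r; }
int demo_overflow(void)       { cptr_t p = cmalloc(16); p.ptr += 12; int r = cp_check(p, 8); cfree(p); return r; }
int demo_use_after_free(void) { cptr_t p = cmalloc(16); cfree(p); return cp_check(p, 1); }
```

The two metadata loads and the compare per access are exactly the cost a software scheme pays on every dereference; the paper's 3.74× speed-up comes from performing this work in hardware on compressed metadata.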
Index Terms
- HWST128: complete memory safety accelerator on RISC-V with metadata compression