HeapSafe: Securing Unprotected Heaps in RISC-V

05/18/2021
by   Asmit De, et al.
0

RISC-V is a promising open-source architecture primarily targeted for embedded systems. Programs compiled using the RISC-V toolchain can run bare-metal on the system, and, as such, can be vulnerable to several memory corruption vulnerabilities. In this work, we present HeapSafe, a lightweight hardware assisted heap-buffer protection scheme to mitigate heap overflow and use-after-free vulnerabilities in a RISC-V SoC. The proposed scheme tags pointers associated with heap buffers with metadata indices and enforces tag propagation for commonly used pointer operations. The HeapSafe hardware is decoupled from the core and is designed as a configurable coprocessor and is responsible for validating the heap buffer accesses. Benchmark results show a 1.5X performance overhead and 1.59 a software protection. We further implemented a HeapSafe-nb, an asynchronous validation design, which improves performance by 27 HeapSafe.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/18/2018

libmpk: Software Abstraction for Intel Memory Protection Keys

Intel memory protection keys (MPK) is a new hardware feature to support ...
research
02/14/2023

L4 Pointer: An efficient pointer extension for spatial memory safety support without hardware extension

Since buffer overflow has long been a frequently occurring, high-risk vu...
research
09/17/2019

Variable Record Table: A Run-time Solution for Mitigating Buffer Overflow Attack

We present a novel approach to mitigate buffer overflow attack using Var...
research
04/10/2018

PULP: Inner-process Isolation based on the Program Counter and Data Memory Address

Plenty of in-process vulnerabilities are blamed on various out of bound ...
research
03/08/2022

xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64

Memory safety in complex applications implemented in unsafe programming ...
research
12/11/2022

Generic Tagging for RISC-V Binaries

With the widespread popularity of RISC-V – an open-source ISA – custom h...
research
05/17/2021

MetaSys: A Practical Open-Source Metadata Management System to Implement and Evaluate Cross-Layer Optimizations

This paper introduces the first open-source FPGA-based infrastructure, M...

Please sign up or login with your details

Forgot password? Click here to reset