Security Properties for Stack Safety

05/02/2021
by Sean Noble Anderson, et al.

What exactly does "stack safety" mean? The phrase is associated with a variety of compiler, run-time, and hardware mechanisms for protecting stack memory. But these mechanisms typically lack precise specifications, relying instead on informal descriptions and examples of bad behaviors that they prevent. We propose a formal characterization of stack safety, formulated with concepts from language-based security: a combination of an integrity property ("the private state in each caller's stack frame is held invariant by the callee"), a confidentiality property ("the callee's behavior is insensitive to the caller's private state"), and a well-bracketedness property ("each callee returns control to its immediate caller"). We use these properties to validate the stack-safety "micro-policies" proposed by Roessler and DeHon [2018]. Specifically, we check (with property-based random testing) that Roessler and DeHon's "eager" micro-policy, which catches violations as early as possible, enforces a simple "stepwise" variant of our properties and correctly detects several broken variants, and that (a repaired version of) their more performant "lazy" micro-policy corresponds to a slightly weaker and more extensional "observational" variant of our properties.
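As an added illustration (not the paper's artifact and not Roessler and DeHon's micro-policy), the toy stack machine below shows how an eager monitor can enforce the three properties stepwise: every memory cell is tagged with the frame that allocated it, a write to another frame's cell is stopped (integrity), a read of another frame's cell is stopped (a conservative approximation of confidentiality), and a return must go to the address the monitor recorded for the immediate caller (well-bracketedness). The `Machine` class, the `run` driver and the tuple-based operation format are assumptions of this example.

```python
class Violation(Exception):
    pass  # args[0] names the broken property, args[1] says where it happened


class Machine:
    def __init__(self):
        self.mem, self.owner = {}, {}   # addr -> value, addr -> owning frame id
        self.pc, self.next_fid = 0, 1
        self.stack = [[0, None, []]]    # [frame id, return address, owned addrs]; frame 0 is main

    def call(self, target: int) -> None:
        self.stack.append([self.next_fid, self.pc + 1, []])  # return address kept by the monitor, not in memory
        self.next_fid += 1
        self.pc = target

    def alloc(self, addr: int, value: int) -> None:
        fid, _, cells = self.stack[-1]
        cells.append(addr)
        self.owner[addr], self.mem[addr] = fid, value

    def _check_owner(self, prop: str, addr: int) -> None:
        cur = self.stack[-1][0]
        if addr in self.owner and self.owner[addr] != cur:
            raise Violation(prop, f"frame {cur} touched cell {addr} of frame {self.owner[addr]}")

    def write(self, addr: int, value: int) -> None:
        self._check_owner("integrity", addr)        # callers' private state stays invariant
        self.mem[addr] = value

    def read(self, addr: int) -> int:
        self._check_owner("confidentiality", addr)  # callee must not observe callers' private state
        return self.mem.get(addr, 0)

    def ret(self, to: int) -> None:
        fid, ret_addr, cells = self.stack[-1]
        if to != ret_addr:                          # control must go back to the immediate caller
            raise Violation("well-bracketedness", f"frame {fid} returned to {to}, not {ret_addr}")
        self.stack.pop()
        for a in cells:                             # a dead frame's cells stop being addressable
            del self.owner[a], self.mem[a]
        self.pc = to


def run(ops) -> str:
    """Execute (op, *args) tuples; return 'ok' or the first violated property."""
    m = Machine()
    try:
        for op, *args in ops:
            getattr(m, op)(*args)
    except Violation as v:
        return v.args[0]
    return "ok"
```

Because the monitor halts at the offending step, the returned property name is the "stepwise" diagnosis an eager policy gives; a lazy policy would only be expected to flag the trace once the bad value is observed later.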
