Towards Linux Kernel Memory Safety

10/17/2017
by   Elena Reshetova, et al.
0

The security of billions of devices worldwide depends on the security and robustness of the mainline Linux kernel. However, the increasing number of kernel-specific vulnerabilities, especially memory safety vulnerabilities, shows that the kernel is a popular and practically exploitable target. Two major causes of memory safety vulnerabilities are reference counter overflows (temporal memory errors) and lack of pointer bounds checking (spatial memory errors). To succeed in practice, security mechanisms for critical systems like the Linux kernel must also consider performance and deployability as critical design objectives. We present and systematically analyze two such mechanisms for improving memory safety in the Linux kernel: (a) an overflow-resistant reference counter data structure designed to accommodate typical reference counter usage in kernel source code, and (b) runtime pointer bounds checking using Intel MPX in the kernel.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
06/29/2019

Deciding Memory Safety for Forest Datastructures

Memory safety is the problem of determining if a heap manipulating progr...
research
12/12/2020

CrypTag: Thwarting Physical and Logical Memory Vulnerabilities using Cryptographically Colored Memory

Memory vulnerabilities are a major threat to many computing systems. To ...
research
11/30/2020

No Crash, No Exploit: Automated Verification of Embedded Kernels

The kernel is the most safety- and security-critical component of many c...
research
08/19/2021

MESH: A Memory-Efficient Safe Heap for C/C++

While memory corruption bugs stemming from the use of unsafe programming...
research
07/08/2019

CHOP: Bypassing Runtime Bounds Checking Through Convex Hull OPtimization

Unsafe memory accesses in programs written using popular programming lan...
research
06/29/2021

An Analysis of Speculative Type Confusion Vulnerabilities in the Wild

Spectre v1 attacks, which exploit conditional branch misprediction, are ...
research
09/01/2022

Memory Tagging: A Memory Efficient Design

ARM recently introduced a security feature called Memory Tagging Extensi...

Please sign up or login with your details

Forgot password? Click here to reset