Camouflage: Hardware-assisted CFI for the ARM linux kernel

Remi Denis-Courmont; Hans Liljestrand; Carlos Chinea; Jan Erik Ekberg

doi:10.1109/DAC18072.2020.9218535

Camouflage: Hardware-assisted CFI for the ARM linux kernel

Remi Denis-Courmont, Hans Liljestrand, Carlos Chinea, Jan Erik Ekberg

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

8 Citations (Scopus)

Abstract

Software control-flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise hardware-assisted kernel CFI running on widely-used off-the-shelf processors. Specifically, we use the ARMv8.3 pointer authentication (PAuth) extension and present a design that uses it to achieve strong security guarantees with minimal performance penalties. Furthermore, we show how deployment of such security primitives in the kernel can significantly differ from their user space application.

Original language	English
Title of host publication	2020 57th ACM/IEEE Design Automation Conference, DAC 2020
Publisher	IEEE
ISBN (Electronic)	9781450367257
DOIs	https://doi.org/10.1109/DAC18072.2020.9218535
Publication status	Published - Jul 2020
MoE publication type	A4 Article in a conference publication
Event	Annual Design Automation Conference - Virtual, San Francisco, United States Duration: 20 Jul 2020 → 24 Jul 2020 Conference number: 57

Publication series

Name	Proceedings - Design Automation Conference
Publisher	IEEE
Volume	2020-July
ISSN (Print)	0738-100X

Conference

Conference	Annual Design Automation Conference
Abbreviated title	DAC
Country/Territory	United States
City	San Francisco
Period	20/07/2020 → 24/07/2020

Access to Document

10.1109/DAC18072.2020.9218535

https://arxiv.org/abs/1912.04145

OpenUrl availability

Full text

Cite this

@inproceedings{8f3be9031f3b444d9c8fa39cd00c6499,

title = "Camouflage: Hardware-assisted CFI for the ARM linux kernel",

abstract = "Software control-flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise hardware-assisted kernel CFI running on widely-used off-the-shelf processors. Specifically, we use the ARMv8.3 pointer authentication (PAuth) extension and present a design that uses it to achieve strong security guarantees with minimal performance penalties. Furthermore, we show how deployment of such security primitives in the kernel can significantly differ from their user space application.",

author = "Remi Denis-Courmont and Hans Liljestrand and Carlos Chinea and Ekberg, {Jan Erik}",

year = "2020",

month = jul,

doi = "10.1109/DAC18072.2020.9218535",

language = "English",

series = "Proceedings - Design Automation Conference",

publisher = "IEEE",

booktitle = "2020 57th ACM/IEEE Design Automation Conference, DAC 2020",

address = "United States",

note = "Annual Design Automation Conference, DAC ; Conference date: 20-07-2020 Through 24-07-2020",

}

Denis-Courmont, R, Liljestrand, H, Chinea, C & Ekberg, JE 2020, Camouflage: Hardware-assisted CFI for the ARM linux kernel. in 2020 57th ACM/IEEE Design Automation Conference, DAC 2020., 9218535, Proceedings - Design Automation Conference, vol. 2020-July, IEEE, Annual Design Automation Conference, San Francisco, California, United States, 20/07/2020. https://doi.org/10.1109/DAC18072.2020.9218535

Camouflage : Hardware-assisted CFI for the ARM linux kernel. / Denis-Courmont, Remi; Liljestrand, Hans; Chinea, Carlos et al.

2020 57th ACM/IEEE Design Automation Conference, DAC 2020. IEEE, 2020. 9218535 (Proceedings - Design Automation Conference; Vol. 2020-July).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Camouflage

T2 - Annual Design Automation Conference

AU - Denis-Courmont, Remi

AU - Liljestrand, Hans

AU - Chinea, Carlos

AU - Ekberg, Jan Erik

N1 - Conference code: 57

PY - 2020/7

Y1 - 2020/7

N2 - Software control-flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise hardware-assisted kernel CFI running on widely-used off-the-shelf processors. Specifically, we use the ARMv8.3 pointer authentication (PAuth) extension and present a design that uses it to achieve strong security guarantees with minimal performance penalties. Furthermore, we show how deployment of such security primitives in the kernel can significantly differ from their user space application.

AB - Software control-flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise hardware-assisted kernel CFI running on widely-used off-the-shelf processors. Specifically, we use the ARMv8.3 pointer authentication (PAuth) extension and present a design that uses it to achieve strong security guarantees with minimal performance penalties. Furthermore, we show how deployment of such security primitives in the kernel can significantly differ from their user space application.

UR - http://www.scopus.com/inward/record.url?scp=85093937864&partnerID=8YFLogxK

U2 - 10.1109/DAC18072.2020.9218535

DO - 10.1109/DAC18072.2020.9218535

M3 - Conference contribution

AN - SCOPUS:85093937864

T3 - Proceedings - Design Automation Conference

BT - 2020 57th ACM/IEEE Design Automation Conference, DAC 2020

PB - IEEE

Y2 - 20 July 2020 through 24 July 2020

ER -

Camouflage: Hardware-assisted CFI for the ARM linux kernel

Abstract

Publication series

Conference

Access to Document

OpenUrl availability

Other files and links

Fingerprint

Cite this