PAC it up: Towards Pointer Integrity using ARM Pointer Authentication

Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, N. Asokan

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

Run-time attacks against programs written in memory-unsafe programming languages (e.g., C and C++) remain a prominent threat against computer systems. The prevalence of techniques like return-oriented programming (ROP) in attacking real-world systems has prompted major processor manufacturers to design hardware-based countermeasuresagainst specific classes of run-time attacks. An example is the recently added support for pointer authentication (PA) in the ARMv8-A processor architecture, commonly used in devices like smartphones. PA is a low-cost technique to authenticate pointers so as to resist memory vulnerabilities. It has been shown to enable practical protection against memory vulnerabilities that corrupt return addresses or function pointers. However, so far, PA has received very little attention as a general purpose protection mechanism to harden
software against various classes of memory attacks.

In this paper, we use PA to build novel defenses against various classes of run-time attacks, including the first PA-based mechanism for data pointer integrity. We present PARTS, an instrumentation framework that integrates our PA-based defenses into the LLVM compiler and the GNU/Linux operating system and show, via systematic evaluation, that PARTS provides better protection than current solutions at a reasonable performance overhead.
Original languageEnglish
Title of host publicationProceedings of the 28th USENIX Security Symposium
PublisherACM
Pages177-194
ISBN (Electronic)978-1-939133-06-9
Publication statusPublished - 2019
MoE publication typeA4 Conference publication
EventUSENIX Security Symposium - Santa Clara, United States
Duration: 14 Aug 201916 Aug 2019
Conference number: 29

Conference

ConferenceUSENIX Security Symposium
Country/TerritoryUnited States
CitySanta Clara
Period14/08/201916/08/2019

Fingerprint

Dive into the research topics of 'PAC it up: Towards Pointer Integrity using ARM Pointer Authentication'. Together they form a unique fingerprint.

Cite this