Mihai Budiu, Úlfar Erlingsson, and Martín Abadi
Control-Flow Integrity (CFI) is a property that guarantees
program control flow cannot be subverted by a malicious adversary,
even if the adversary has complete control of data
memory. We have shown in prior work how CFI can be enforced
by using inlined software guards that perform safety
checks. The first part of this paper shows how modest Instruction
Set Architecture (ISA) support can replace such
guard code with single instructions.
On the foundation of CFI we have implemented XFI: a protection
system that offers fine-grained memory access control
and fundamental integrity guarantees for critical system
state. XFI can be seen as a flexible, generalized form
of software-based fault isolation (SFI). In the second part of
this paper we present ISA support for XFI, in the form of
simple bounds-check instructions.
CFI and XFI can significantly increase the security and integrity
of software execution. Our results indicate that support
for CFI and XFI is a straightforward, simple addition t
|Published in||ASID '06: Proceedings of the 1st workshop on Architectural and System Support for Improving Software Dependability|
|Address||San Jose, CA|
|Publisher||Association for Computing Machinery, Inc.|
Copyright © 2006 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept, ACM Inc., fax +1 (212) 869-0481, or firstname.lastname@example.org. The definitive version of this paper can be found at ACM’s Digital Library --http://www.acm.org/dl/.