This Article 
 Bibliographic References 
 Add to: 
Hardware-Enforced Comprehensive Memory Safety
May-June 2013 (vol. 33 no. 3)
pp. 38-47
Santosh Nagarakatte, Rutgers University
Milo M.K. Martin, University of Pennsylvania
Steve Zdancewic, University of Pennsylvania
The lack of memory safety in languages such as C and C++ is a root source of exploitable security vulnerabilities. This article presents Watchdog, a hardware approach that eliminates such vulnerabilities by enforcing comprehensive memory safety. Inspired by prior software-only mechanisms, Watchdog maintains bounds and identifier metadata with pointers, propagates them on pointer operations, and checks them on pointer dereferences. Checking this bounds and identifier metadata provides both precise, byte-granularity buffer-overflow protection and protection from use-after-free errors, even in the presence of reallocations. Watchdog stores pointer metadata in a disjoint shadow space to provide comprehensive protection and ensure compatibility with existing code. To streamline implementation and reduce runtime overhead, Watchdog uses micro-operations to implement metadata access and checking, eliminates metadata copies via a register renaming scheme, and uses a dedicated identifier cache to reduce checking overhead.
Index Terms:
Computer architecture,Computer languages,Memory management,Computer security,Instruction set design,Program processors,instruction set design,watchdog,hardware support for security,microarchitecture,processor architectures,hardware/software interfaces
Santosh Nagarakatte, Milo M.K. Martin, Steve Zdancewic, "Hardware-Enforced Comprehensive Memory Safety," IEEE Micro, vol. 33, no. 3, pp. 38-47, May-June 2013, doi:10.1109/MM.2013.26
Usage of this product signifies your acceptance of the Terms of Use.