Flexible and efficient memory object metadata

Published: 18 June 2017

Abstract

Compiler-based tools can protect software from attack and find bugs within programs. To support programs written in type-unsafe languages such as C, such tools need to add code into a program that must, at run-time, take a pointer into a memory object and locate metadata for that memory object. Current methods of locating metadata are either flexible (supporting metadata of varying sizes) at the expense of speed and scalability or are fast (e.g., by using shadow tables) at the cost of flexibility (metadata is small and must always be the same size).

This paper presents a new method of attaching metadata to memory objects, named Padding Area MetaData (PAMD), that is both flexible and efficient. Metadata can be any size, and different memory objects can have different sized metadata. While flexible, the algorithm for finding the metadata given a pointer into the memory object takes constant time. Our method extends Baggy Bounds with Accurate Checking (BBAC) which attaches constant-sized metadata to memory objects for performing precise dynamic bounds checks. Our design supports variable-sized metadata, and our implementation supports larger programs.
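To make the constant-time lookup concrete, here is an added, simplified C model in the Baggy Bounds style the abstract names; it is not the paper's code and does not claim to reproduce PAMD's actual layout. Every object is placed in a power-of-two slot aligned to its own size, a one-byte-per-16-byte-granule shadow table records the slot's log2 size, and the variable-length metadata sits in the slot's padding behind the object with a small trailer recording its length; the arena size, the trailer format and the names `pamd_alloc`, `pamd_lookup` and `pamd_selftest` are assumptions of this example.

```c
#include <stdint.h>
#include <string.h>
#define ARENA_SIZE (1u << 16)   /* 64 KiB arena, itself aligned to 64 KiB */
#define GRANULE    16u          /* one shadow-table entry per 16-byte granule */
#define MIN_SHIFT  4            /* smallest slot is 16 bytes */
static _Alignas(ARENA_SIZE) uint8_t arena[ARENA_SIZE];
static uint8_t shadow[ARENA_SIZE / GRANULE]; /* log2(slot size); 0 = unallocated */
static size_t bump;                          /* next free offset in the arena */
/* Trailer at the end of every slot: number of metadata bytes that sit just before it. */
typedef struct { uint16_t meta_len; } trailer_t;
/* Allocate obj_size bytes; copy meta_len bytes of metadata into the slot's padding. */
void *pamd_alloc(size_t obj_size, const void *meta, uint16_t meta_len) {
    unsigned shift = MIN_SHIFT;              /* smallest power of two that fits all */
    while (((size_t)1 << shift) < obj_size + meta_len + sizeof(trailer_t)) shift++;
    size_t size = (size_t)1 << shift;
    size_t off = (bump + size - 1) & ~(size - 1);   /* slot aligned to its own size */
    if (off + size > ARENA_SIZE) return NULL;
    bump = off + size;
    for (size_t g = off / GRANULE; g < (off + size) / GRANULE; g++) shadow[g] = (uint8_t)shift;
    uint8_t *base = arena + off;
    trailer_t tr = { meta_len };
    memcpy(base + size - sizeof tr, &tr, sizeof tr);
    memcpy(base + size - sizeof tr - meta_len, meta, meta_len);
    return base;
}
/* Constant time: any pointer into an object -> its variable-sized metadata. */
const void *pamd_lookup(const void *p, uint16_t *meta_len) {
    uintptr_t a = (uintptr_t)p;
    if (a < (uintptr_t)arena || a >= (uintptr_t)arena + ARENA_SIZE) return NULL;
    unsigned shift = shadow[(a - (uintptr_t)arena) / GRANULE];
    if (shift < MIN_SHIFT) return NULL;                      /* no object here */
    size_t size = (size_t)1 << shift;
    uint8_t *base = (uint8_t *)(a & ~(uintptr_t)(size - 1));  /* slot start by masking */
    trailer_t tr;
    memcpy(&tr, base + size - sizeof tr, sizeof tr);
    *meta_len = tr.meta_len;
    return base + size - sizeof tr - tr.meta_len;
}

/* Self-check on constructed objects: 1 if interior pointers resolve to the right metadata. */
int pamd_selftest(void) {
    const char m1[] = "lo=0,hi=40", m2[] = "rw";   /* two metadata records of different size */
    uint8_t *o1 = pamd_alloc(40, m1, sizeof m1), *o2 = pamd_alloc(100, m2, sizeof m2);
    uint16_t n1 = 0, n2 = 0;
    const char *r1 = pamd_lookup(o1 + 37, &n1), *r2 = pamd_lookup(o2 + 99, &n2);
    return o1 && o2 && r1 && r2 && n1 == sizeof m1 && n2 == sizeof m2
        && strcmp(r1, m1) == 0 && strcmp(r2, m2) == 0
        && pamd_lookup(arena + ARENA_SIZE - 1, &n1) == NULL;   /* never allocated */
}
```

The lookup performs no search: a table read, a mask and a trailer read, regardless of how many objects exist or how large their metadata is, which is the property the abstract contrasts with splay-tree lookup.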

We evaluated the performance and scalability of PAMD using dynamic bounds checking as an exemplar of our method. Our results show that our method adds at most 33% overhead to an identical dynamic bounds checking tool that trades precision for performance by using a simple shadow table. Our results also show that our method, while having the same flexibility as splay trees, performs significantly faster and scales better as a program allocates more memory.
