Micro-Policies: Formally Verified, Tag-Based Security Monitors
Arthur Azevedo de Amorim, Maxime Dénès, Nick Giannarakis, Cătălin Hrițcu, Benjamin C. Pierce, Antal Spector-Zabusky, Andrew Tolmach
May 20, 2015

How can we design secure systems?

One approach: reference monitors
[Reference-monitor animation: a sequence of requests is checked by the monitor; the only surviving label is "OK".]
But there is a problem… they are slow.

Idea: hardware support for reference monitors

But… what if a new threat appears?
Micro-Policies

Overview: micro-policy instances (Compartments, CFI, Memory safety, Sealing) are written against a micro-policy specification and a micro-policy programming model; a machine-checked proof connects the specification to the programming model; the programming model is supported by the PUMP (Programmable Unit for Metadata Processing), with typically < 10% runtime overhead (ASPLOS '15).
Programming model

General monitors inspect program state arbitrarily… but are too powerful for efficient support.

Insight: monitors as computation on metadata
Every word of the machine state, in the registers (r0 to r7 and pc) and in memory, carries a tag alongside its payload. Example memory contents on the slide: 42, add r1 r2 r3, add r3 r3 r3, nop, bnz r4 ff32, ???. The tag is chosen by the policy designer and can be arbitrarily complex (e.g. pointers to data structures).
Is it flexible?

Control-flow integrity; compartmentalization (à la Wahbe et al.'s SFI); heap memory safety; dynamic sealing.

Example: CFI
Memory, with a tag on each word:
  1729          : Data
  add r1 r2 r3  : Code 1
  bnz r3 8      : Code 2
  jump r4       : Code 3
  bnz r5 8      : Code 4
  sub r1 r2 r1  : Code 5
  add r3 r4 r4  : Code 6
The pc tag (1 in the slide's state) records the id of the previous instruction; the allowed transitions between instruction ids are given by a control-flow graph (CFG).

Monitor rules shown on the slide:
  {InstTag = Data} → violation (a Data-tagged word is never executed)
  {Inst = Store, Mem = Code} → violation (code is never overwritten)
  {Pc = 4, InstTag = Code 5} → OK (4 → 5 is an edge of the CFG)
  {Pc = 1, InstTag = Code 5} → violation (1 → 5 is not)
Is it secure?

Mathematical definitions… and proofs about them.

Micro-policy specification: Abadi et al.'s CFI property; higher-level abstract machine; memory-safe abstract machine.

Micro-policy programming model: model of a simplified RISC processor.

CFI micro-policy:
  Inductive cfi_tag :=
  | Data : cfi_tag
  | Code : id → cfi_tag.

  Variable cfg : id → id → bool.

  Definition cfi_monitor tags :=
    match pc_tag tags, ci_tag tags with
    | n, Code m ⇒ if cfg n m then Some m else None
    | _, _ ⇒ None
    end.

Memory safety:
  Inductive value :=
  | Int : int → value
  | Ptr : region → int → value.

  Definition add v1 v2 :=
    match v1, v2 with
    | Int n, Int m ⇒ Some (Int (n + m))
    | Ptr r off, Int n
    | Int n, Ptr r off ⇒ Some (Ptr r (off + n))
    | _, _ ⇒ None
    end.

Definitions and proofs in Coq:
  Inductive nat :=
  | O : nat
  | S : nat → nat.

  Fixpoint add n m :=
    match n with
    | O ⇒ m
    | S n ⇒ S (add n m)
    end.

  Lemma addn0 : ∀ n, add n O = n.
  Proof. (* ... *) Qed.

Threat model: the attacker controls input, but has no physical access. Not modeled: DMA, virtual memory, timing, …
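The CFI rules from the "Example: CFI" slide and the Coq cfi_monitor definition above, transcribed into Python as an added example (not code from the Micro-Policies project). It assumes a concrete CFG edge set (the slides only fix that 4 → 5 is allowed and 1 → 5 is not), word addresses 0 to 6 for the slide's memory layout, and the run_path and try_store drivers, which are this example's own:

```python
"""Tag-based CFI micro-policy in Python. Added example, not Micro-Policies
project code. CFG edges other than 4 -> 5 (allowed) and 1 -> 5 (forbidden),
the word addresses, and the driver functions are assumptions of this example."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple, Union


# Tags: the slide's `Inductive cfi_tag := Data | Code id`.
@dataclass(frozen=True)
class Data:
    pass


@dataclass(frozen=True)
class Code:
    ident: int


Tag = Union[Data, Code]
Word = Tuple[str, Tag]  # (payload as printed on the slide, tag)

# `Variable cfg : id -> id -> bool`, instantiated as a constructed edge set.
CFG_EDGES = {(1, 2), (2, 3), (2, 4), (3, 5), (4, 5), (5, 6)}


def cfg(n: int, m: int) -> bool:
    return (n, m) in CFG_EDGES


def cfi_monitor(pc_tag: int, ci_tag: Tag) -> Optional[int]:
    """The slide's `cfi_monitor`: pc_tag is the id of the previously executed
    instruction, ci_tag the tag on the word being fetched. Returns the new pc
    tag (Some m) when the edge n -> m is in the CFG, None (halt) otherwise.
    A Data tag falls into the `_, _ => None` arm, so data is never executed."""
    if isinstance(ci_tag, Code) and cfg(pc_tag, ci_tag.ident):
        return ci_tag.ident
    return None


def store_allowed(mem_tag: Tag) -> bool:
    """The slide's `{Inst = Store, Mem = Code} -> violation` rule: a store may
    only overwrite a Data-tagged word, so code is immutable at runtime."""
    return isinstance(mem_tag, Data)


# Memory layout from the CFI slide; word addresses 0..6 are an assumption.
MEMORY: Dict[int, Word] = {
    0: ("1729", Data()),
    1: ("add r1 r2 r3", Code(1)),
    2: ("bnz r3 8", Code(2)),
    3: ("jump r4", Code(3)),
    4: ("bnz r5 8", Code(4)),
    5: ("sub r1 r2 r1", Code(5)),
    6: ("add r3 r4 r4", Code(6)),
}


def run_path(path: List[int], memory: Dict[int, Word],
             pc_tag: int) -> Tuple[List[int], Optional[str]]:
    """Walk a proposed sequence of fetch addresses through the monitor,
    threading the pc tag. Returns the instruction ids accepted so far and the
    violation that stopped the walk (None if every step was allowed)."""
    accepted: List[int] = []
    for addr in path:
        payload, tag = memory[addr]
        new_tag = cfi_monitor(pc_tag, tag)
        if new_tag is None:
            if isinstance(tag, Data):
                return accepted, f"fetch of Data word {payload!r} at {addr}: {{InstTag = Data}}"
            return accepted, (f"no CFG edge {pc_tag} -> {tag.ident}: "
                              f"{{Pc = {pc_tag}, InstTag = Code {tag.ident}}}")
        accepted.append(new_tag)
        pc_tag = new_tag
    return accepted, None


def try_store(addr: int, memory: Dict[int, Word]) -> bool:
    """Would the monitor let a Store instruction write to `addr`?"""
    _, tag = memory[addr]
    return store_allowed(tag)


if __name__ == "__main__":
    print(run_path([5], MEMORY, pc_tag=4))           # {Pc = 4, InstTag = Code 5} -> OK
    print(run_path([5], MEMORY, pc_tag=1))           # {Pc = 1, InstTag = Code 5} -> violation
    print(run_path([2, 4, 5, 6], MEMORY, pc_tag=1))  # a path that follows the CFG
    print(run_path([0], MEMORY, pc_tag=6))           # {InstTag = Data} -> violation
    print(try_store(0, MEMORY), try_store(1, MEMORY))  # data writable, code not
```

The monitor never inspects register or memory payloads, only the pc tag and the tag on the fetched word, which is exactly the "computation on metadata" restriction that makes hardware support like the PUMP feasible.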