TY - GEN
T1 - HeapSafe
T2 - 35th International Conference on VLSI Design, VLSID 2022 - held concurrently with 2022 21st International Conference on Embedded Systems, ES 2022
AU - De, Asmit
AU - Ghosh, Swaroop
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - RISC-V is a promising open-source architecture primarily targeted for embedded systems. Programs compiled using the RISC-V toolchain can run bare-metal on the system, and, as such, can be vulnerable to several memory corruption vulnerabilities. In this work, we present HeapSafe, a lightweight hardware assisted heap-buffer protection scheme to mitigate heap overflow and use-after-free vulnerabilities in a RISC-V SoC. The proposed scheme tags pointers associated with heap buffers with metadata indices and enforces tag propagation for commonly used pointer operations. The HeapSafe hardware is decoupled from the core and is designed as a configurable coprocessor and is responsible for validating the heap buffer accesses. Benchmark results show a 1.5X performance overhead and 1.59% area overhead, while being 22% faster than a software protection. We further implemented a HeapSafe-nb, an asynchronous validation design, which improves performance by 27% over the synchronous HeapSafe.
AB - RISC-V is a promising open-source architecture primarily targeted for embedded systems. Programs compiled using the RISC-V toolchain can run bare-metal on the system, and, as such, can be vulnerable to several memory corruption vulnerabilities. In this work, we present HeapSafe, a lightweight hardware assisted heap-buffer protection scheme to mitigate heap overflow and use-after-free vulnerabilities in a RISC-V SoC. The proposed scheme tags pointers associated with heap buffers with metadata indices and enforces tag propagation for commonly used pointer operations. The HeapSafe hardware is decoupled from the core and is designed as a configurable coprocessor and is responsible for validating the heap buffer accesses. Benchmark results show a 1.5X performance overhead and 1.59% area overhead, while being 22% faster than a software protection. We further implemented a HeapSafe-nb, an asynchronous validation design, which improves performance by 27% over the synchronous HeapSafe.
UR - http://www.scopus.com/inward/record.url?scp=85139210858&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85139210858&partnerID=8YFLogxK
U2 - 10.1109/VLSID2022.2022.00034
DO - 10.1109/VLSID2022.2022.00034
M3 - Conference contribution
AN - SCOPUS:85139210858
T3 - Proceedings - 2022 35th International Conference on VLSI Design, VLSID 2022 - held concurrently with 2022 21st International Conference on Embedded Systems, ES 2022
SP - 120
EP - 125
BT - Proceedings - 2022 35th International Conference on VLSI Design, VLSID 2022 - held concurrently with 2022 21st International Conference on Embedded Systems, ES 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 26 February 2022 through 2 March 2022
ER -