Watchdog: hardware for safe and secure manual memory management and full memory safety
Citations
454 citations
119 citations
Cites background from "Watchdog: hardware for safe and sec..."
...hardware instructions to accelerate memory safety violation detection has already been extensively explored [61], [103], [104]....
[...]
112 citations
Cites background from "Watchdog: hardware for safe and sec..."
...Watchdog handles this by using shadow memory to maintain the first type of tags, but it is unclear whether or how ADI handles this issue....
[...]
...Since memory safety issues are the root cause of many attacks [70], researchers have proposed many solutions to address this problem, including automated code transformation [55], instrumentation-based [2, 10, 53, 54], and hardwarebased [27, 36, 51, 52, 77]....
[...]
...For example, Watchdog [51] and the application data integrity (ADI) [57] mechanism on SPARC M7 processors allow a program to associate memory addresses and pointers with versions (tags) and require that when accessing the memory the version of the pointer must match the version of the memory....
[...]
...Furthermore, a number of other approaches have been proposed to eliminate the root cause of these memory corruption vulnerabilities [27, 51, 52, 77]....
[...]
99 citations
90 citations
References
2,540 citations
"Watchdog: hardware for safe and sec..." refers background in this paper
...Other approaches seek to detect errors by tracking the allocation/deallocation status of regions of memory (via shadow space in software [26], with hardware [5, 34], or page-granularity tracking via virtual memory mechanisms [10, 20])....
[...]
777 citations
"Watchdog: hardware for safe and sec..." refers methods in this paper
...Although the focus of this paper is on use-after-free violations, Watchdog’s overall approach and implementation was explicitly designed to mesh well with pointer-based bounds checking [3, 9, 15, 22, 24, 29, 35], which track base and bound metadata with pointers for precise bytegranularity bounds checking of all memory accesses....
[...]
566 citations
"Watchdog: hardware for safe and sec..." refers background in this paper
...Use-after-free (UAF) errors have proven to be just as severe and exploitable as buffer overflow errors: they too potentially allow an attacker to corrupt values in memory [6], inject malicious code, and initiate return-to-libc attacks [31]....
[...]
563 citations
"Watchdog: hardware for safe and sec..." refers methods in this paper
...Although the focus of this paper is on use-after-free violations, Watchdog’s overall approach and implementation was explicitly designed to mesh well with pointer-based bounds checking [3, 9, 15, 22, 24, 29, 35], which track base and bound metadata with pointers for precise bytegranularity bounds checking of all memory accesses....
[...]
460 citations
"Watchdog: hardware for safe and sec..." refers background or methods in this paper
...Watchdog builds upon prior proposals for identifier-based use-after-free checking [3, 7, 23, 29, 35] using disjoint metadata [23]....
[...]
...Although the focus of this paper is on use-after-free violations, Watchdog’s overall approach and implementation was explicitly designed to mesh well with pointer-based bounds checking [3, 9, 15, 22, 24, 29, 35], which track base and bound metadata with pointers for precise bytegranularity bounds checking of all memory accesses....
[...]
...An alternative approach is the allocation identifier approach [3, 7, 23, 29, 35], which associates a unique identifier with each memory allocation....
[...]
...Alternative approaches track and check unique identifiers either completely with software [3, 23, 29, 35] or with hardware acceleration [7]....
[...]