Proconda -- Protected Control Data

TL;DR

ProConDa is a hardware-assisted approach that enforces strict separation of control-flow data from regular data on the stack, enhancing security against memory corruption attacks in C programs without relying on information hiding.

Contribution

ProConDa introduces a hardware-based method for protecting control-flow data on the stack, avoiding reliance on information hiding and demonstrating compatibility with existing software.

Findings

Effective separation of control-flow data demonstrated on ARM Linux benchmarks.

ProConDa resists attacks targeting information hiding-based memory isolation.

Compatible with existing software without significant modifications.

Abstract

Memory corruption vulnerabilities often enable attackers to take control of a target system by overwriting control-flow relevant data (such as return addresses and function pointers), which are potentially stored in close proximity of related, typically user-controlled data on the stack. In this paper, we propose ProConDa, a general approach for protecting control-flow relevant data on the stack ProConDa leverages hardware features to enforce a strict separation between control-flow relevant and regular data of programs written in non-memory-safe languages such as C. Contrary to related approaches, ProConDa does not rely on information hiding and is therefore not susceptible to several recent attacks specifically targeting information hiding as a foundation for memory isolation. We show that ProConDa enforcement is compatible with existing software by applying a software-based prototype to industry benchmarks on an ARM CPU running Linux.