PHMon: A Programmable Hardware Monitor and Its Security Use Cases

Leila Delshadtehrani, Sadullah Canakci, Boyou Zhou, Schuyler Eldridge, Ajay Joshi, and Manuel Egele

[email protected]

Boston University

August 12, 2020 MPX SafeCWhat if Softbound Available we could2008 have a flexible2013 hardware2018-2019 implementation that could enhance and enforce a variety of security policies1994 as security2009 threats evolve?!2015 Hardbound MPX MPX Announced Disabled

[AUSTIN, PLDI’94] [DEVIETTI, ASPLOS’08] [NAGARAKATTE, PLDI’09]

Introduction Motivation PHMon Overview Conclusion Motivation

Current Trend Growing demand to enforce security policies in hardware

Intel MPX ARM TrustZone AMD SVM Intel SGX Intel TXT ARM PA Intel CET ...

Boston University August 12, 2020 2/10

What if we could have a flexible hardware implementation that could enhance and enforce a variety of security policies as security threats evolve?!

Introduction Motivation PHMon Overview Conclusion Motivation

Current Trend Growing demand to enforce security policies in hardware MPX SafeC Softbound Available Intel MPX ARM 2008 2013 2018-2019 TrustZone AMD SVM Intel SGX 1994 2009 2015 Hardbound MPX MPX Intel TXT ARM PA Announced Disabled Intel CET ...

[AUSTIN, PLDI’94] [DEVIETTI, ASPLOS’08] [NAGARAKATTE, PLDI’09]

Boston University August 12, 2020 2/10 MPX SafeC Softbound Available 2008 2013 2018-2019

1994 2009 2015 Hardbound MPX MPX Announced Disabled

[AUSTIN, PLDI’94] [DEVIETTI, ASPLOS’08] [NAGARAKATTE, PLDI’09]

Introduction Motivation PHMon Overview Conclusion Motivation

Current Trend Growing demand to enforce security policies in hardware

What if Intel MPX ARM we could have a flexible hardware TrustZone implementation that could enhance AMD SVM and enforce a variety of security Intel SGX policies as security threats evolve?! Intel TXT ARM PA Intel CET ...

Boston University August 12, 2020 2/10 Introduction Motivation PHMon Overview Conclusion Our Proposal - PHMon

Application PHMon API A hardware monitor and the full OS Hardware software stack around it A programmable hardware monitor Full SW Stack interfaced with a RISC-V Rocket processor on an FPGA OS support Software API User/Admin Event/Action Security use cases Specification Using PHMon API Monitor Events

How Does It Work? Program PHMon PHMon Monitor the

execution A user/admin configures the hardware

monitor Take Actions The hardware monitor collects the Is process Is PHMon runtime execution information Terminated? Disabled? N N Checks for the specified events, e.g., detects Y Y branch instructions PHMon Performs follow-up actions, e.g., an ALU Stop operation Monitoring

Boston University August 12, 2020 3/10 Hardware Introduction Software PHMon Implementation Conclusion Use Cases Hardware Overview

RISC-V Rocket RoCC Interface Microprocessor Pipelined Commit Log Processor Core TU Command Response PHMon

WB Exe Dec Mem Interrupt

PC_GEN /Fetch HW Functionality L1 Memory Request Data Cache Memory Response Collect the instruction Commit Log trace - inst PHMon - pc_src Action Unit (AU) Find matches with - pc_dst Match Unit-0 (MU-0) - addr Predicate: Config Unit-0 (CFU-0) programmed events - data - inst = *8067 MU_id Action Config Table - pc_src = * - pc_dst = * Type In1 In2 Fn Out Data - addr = * 2b 3b 3b 4b 3b 64b Take follow-up actions Comparator - data = * ... MU_addr ... Match Queue Cmd/Resp Counter Threshold conf_ptr conf_ctr =? MU_data Control Unit Local ALU Register Match Packet (CU) File

Interrupt Memory

Boston University August 12, 2020 4/10 Hardware Introduction Software PHMon Implementation Conclusion Use Cases Software Overview

Software Interface OS Support A list of functions that use RISC-V’s Per process OS support standard ISA extension Maintain PHMon Configure PHMon information during Communicate with PHMon context switches Interrupt handling OS Reset MU-0 and configure the match pattern support phmon_reset_val(0); Delegate interrupt to phmon_pattern(0, &mask_inst0) OS Compare pc_dst and pc_src, and trigger an interrupt Terminate the action_mu0.op_type = e_OP_ALU; //ALU operation violating process action_mu0.in1 = e_IN_DATA_RESP; //MU_resp action_mu0.in2 = e_IN_LOC3; //Local3 action_mu0.fn = e_ALU_SEQ; //Set Equal action_mu0.out = e_OUT_INTR; //Interrupt reg phmon_action_config(0, &action_mu0);

Boston University August 12, 2020 5/10 Hardware Introduction Software PHMon Implementation Conclusion Use Cases Implementation and Evaluation Framework

Implementation PHMon as a RoCC, written in Chisel HDL Interfaced with the in-order RISC-V Rocket core Linux kernel v4.15 RISC-V gnu toolchain for cross-compilation

Evaluation Prototyped on Xilinx Zynq Zedboard Rocket core + PHMon Open-sourced at https://github.com/bu-icsg/PHMon

Boston University August 12, 2020 6/10 Hardware Accelerated Shadow Stack Fuzzing

https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux30.html, https://medium.com/@dieswaytoofast/fuzzing-and-deep-learning-5aae84c20303,

Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases

Preventing Information Shadow Stack Shadow Stack Leakage

Hardware Accelerated Watchpoints and Fuzzing Accelerated Debugger

https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux30.html, https://www.darkreading.com/attacks-breaches/heartbleed-attack-targeted-enterprise-vpn-/d/d-id/1204592, https://medium.com/@dieswaytoofast/fuzzing-and-deep-learning-5aae84c20303, https://hackernoon.com/professional-debugging-in-rails-1yr2bnz

Boston University August 12, 2020 7/10 Preventing Information Shadow Stack Shadow Stack Leakage

Hardware Accelerated Watchpoints and Fuzzing Accelerated Debugger

https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux30.html, https://www.darkreading.com/attacks-breaches/heartbleed-attack-targeted-enterprise-vpn-/d/d-id/1204592, https://medium.com/@dieswaytoofast/fuzzing-and-deep-learning-5aae84c20303, https://hackernoon.com/professional-debugging-in-rails-1yr2bnz

Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases

Hardware Accelerated Shadow Stack Fuzzing

https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux30.html, https://medium.com/@dieswaytoofast/fuzzing-and-deep-learning-5aae84c20303,

Boston University August 12, 2020 7/10

Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases: Shadow Stack

Main Stack Shadow Stack

PHMon-based Shadow Stack Return Address Return Address Argument Return Address Registers Simple and flexible Saved Two MUs Registers Local ... Shared memory space Variables Return Address

Allocated by OS as a ... user-space memory

3.5 Secure 3.4 3.0 2.7 2.6 Efficient 2.5 For SPECint2000, 2.0 1.5 SPECint2006, and MiBench 1.2 1.1 1.1 1.2 benchmarks, on average, 1.0 0.5 0.9% performance overhead 0.5 0.3 Performance Overhead (%) 0.0 gcc bzip2 astar gobmk hmmer h264ref GeoMean libquantum xalancbmk SPECint2006

Boston University August 12, 2020 8/10 Program Execution On RISC-V Processor Monitoring (2)/ Updating the Child Process branch coverage (3) (The Fuzzed Program) QEMU Process Fork+Execv terminates (1) (4) Parent Process (AFL)

Reading the branch coverage (5) Memory Shared Memory Region

QEMU-based AFL

Memory Shared Memory Region

PHMon-based AFL

Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases: Hardware Accelerated Fuzzing

American Fuzzy Lop (AFL) [Zalewski, 2013] A state-of-the-art fuzzer Two main units The fuzzing logic The instrumentation suite Compiler-based QEMU-based

https://rabbitbreeders.us/american-fuzzy-lop-rabbits/

Boston University August 12, 2020 9/10 Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases: Hardware Accelerated Fuzzing

Program Execution American Fuzzy Lop (AFL) On RISC-V Processor Monitoring (2)/ Updating the [Zalewski, 2013] Child Process branch coverage (3) (The Fuzzed Program) QEMU Process Fork+Execv terminates A state-of-the-art fuzzer (1) (4) Two main units Parent Process (AFL) Reading the branch coverage (5) The fuzzing logic Memory The instrumentation suite Shared Memory Region Compiler-based QEMU-based QEMU-based AFL

Memory Shared Memory Region

PHMon-based AFL https://rabbitbreeders.us/american-fuzzy-lop-rabbits/

Boston University August 12, 2020 9/10 American Fuzzy Lop (AFL) [Zalewski, 2013] A state-of-the-art fuzzer Two main units The fuzzing logic The instrumentation suite Compiler-based QEMU-based

https://rabbitbreeders.us/american-fuzzy-lop-rabbits/

Hardware Introduction Software PHMon Implementation Conclusion Use Cases Use Cases: Hardware Accelerated Fuzzing

Program Execution On RISC-V Processor Monitoring (2)/ Updating the 25 Child Process branch coverage (3) (The Fuzzed Program) Baseline AFL Fork Server 20.6 QEMU 20 18.9 Process PHMon 17.8 Fork+Execv 16.4 16.1 terminates (1) (4) 15 13.7 11.3 Parent Process (AFL)

10 7.6 Reading the 6.3 6.1 5.4 branch coverage (5) 5.2 Memory Performance 5 3.7 4.2 Shared Memory Region improvement (X) 1.0 1.0 1.0 1.0 1.0 1.0 1.0 0 zstd pcre Geo

nasm QEMU-based AFL Mean unace indent sleuthkit Benchmarks

PHMon improves AFL’s performance by 16× over the baseline Power overhead: 5% Area overhead: 13.5% Memory Shared Memory Region

PHMon-based AFL

Boston University August 12, 2020 9/10 Introduction PHMon Conclusion Conclusion

Ref: https://www.linux-apps.com/p/1082429/

A hardware monitor with full software stack FPGA prototype

ARTIFACT EVALUATED https://www.usenix.org/system/files/ sec20spring_delshadtehrani_prepub.pdf PASSED

Preventing Information Shadow Stack Shadow Stack Leakage

https://github.com/bu-icsg/PHMon

Thanks! You can reach me at

Hardware Accelerated Watchpoints and [email protected] for follow-up questions. Fuzzing Accelerated Debugger ?

Versatile and easily adopted More information

Boston University August 12, 2020 10/10