A. Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, D. Gruss, Moinuddin K. Qureshi
{"title":"PT-Guard:完整性保护的页表,以防御突破滚锤攻击","authors":"A. Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, D. Gruss, Moinuddin K. Qureshi","doi":"10.1109/DSN58367.2023.00022","DOIUrl":null,"url":null,"abstract":"Page tables enforce process isolation in systems. Rowhammer attacks break process isolation by flipping bits in DRAM to tamper page tables and achieving privilege escalation. Moreover, new Rowhammer attacks break existing mitigations. We seek to protect systems against such breakthrough attacks. We present PT-Guard, an integrity protection mechanism for page tables. PT-Guard uses unused bits in Page Table Entries (PTE) to embed a Message Authentication Code (MAC) for the PTE cacheline without any storage overhead. These unused bits arise from PTEs supporting petabytes of physical memory while systems targeted by Rowhammer use at-most terabytes of mem-ory. By storing and verifying MACs for PTEs, PT-Guard detects arbitrary bit-flips in PTEs. Moreover, PT-Guard also provides best-effort correction of faulty-PTEs leveraging value locality. PT-Guard protects page tables from breakthrough Rowhammer attacks with negligible hardware changes, no DRAM storage, <72 bytes of SRAM, 1.3% slowdown, and no software changes.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"PT-Guard: Integrity-Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks\",\"authors\":\"A. Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, D. Gruss, Moinuddin K. Qureshi\",\"doi\":\"10.1109/DSN58367.2023.00022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Page tables enforce process isolation in systems. Rowhammer attacks break process isolation by flipping bits in DRAM to tamper page tables and achieving privilege escalation. Moreover, new Rowhammer attacks break existing mitigations. We seek to protect systems against such breakthrough attacks. We present PT-Guard, an integrity protection mechanism for page tables. PT-Guard uses unused bits in Page Table Entries (PTE) to embed a Message Authentication Code (MAC) for the PTE cacheline without any storage overhead. These unused bits arise from PTEs supporting petabytes of physical memory while systems targeted by Rowhammer use at-most terabytes of mem-ory. By storing and verifying MACs for PTEs, PT-Guard detects arbitrary bit-flips in PTEs. Moreover, PT-Guard also provides best-effort correction of faulty-PTEs leveraging value locality. PT-Guard protects page tables from breakthrough Rowhammer attacks with negligible hardware changes, no DRAM storage, <72 bytes of SRAM, 1.3% slowdown, and no software changes.\",\"PeriodicalId\":427725,\"journal\":{\"name\":\"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"94 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN58367.2023.00022\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN58367.2023.00022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
PT-Guard: Integrity-Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks
Page tables enforce process isolation in systems. Rowhammer attacks break process isolation by flipping bits in DRAM to tamper page tables and achieving privilege escalation. Moreover, new Rowhammer attacks break existing mitigations. We seek to protect systems against such breakthrough attacks. We present PT-Guard, an integrity protection mechanism for page tables. PT-Guard uses unused bits in Page Table Entries (PTE) to embed a Message Authentication Code (MAC) for the PTE cacheline without any storage overhead. These unused bits arise from PTEs supporting petabytes of physical memory while systems targeted by Rowhammer use at-most terabytes of mem-ory. By storing and verifying MACs for PTEs, PT-Guard detects arbitrary bit-flips in PTEs. Moreover, PT-Guard also provides best-effort correction of faulty-PTEs leveraging value locality. PT-Guard protects page tables from breakthrough Rowhammer attacks with negligible hardware changes, no DRAM storage, <72 bytes of SRAM, 1.3% slowdown, and no software changes.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
