Reto Achermann
Assistant Professor
Systopia Lab
Department of Computer Science
University of British Columbia
Secure Memory Management on Modern Hardware
Authors
Reto Achermann, Nora Hossle, Lukas Humbel, Daniel Schwyn, David Cock and Timothy Roscoe
Venue
arXiv Preprint
Links
Abstract
Almost all modern hardware, from phone SoCs to high-end servers with accelerators, contain memory translation and protection hardware like IOMMUs, firewalls, and lookup tables which make it impossible to reason about, and enforce protection and isolation based solely on the processor's MMUs. This has led to numerous bugs and security vulnerabilities in today's system software.
In this paper we regain the ability to reason about and enforce access control using the proven concept of a reference monitor mediating accesses to memory resources. We present a fine-grained, realistic memory protection model that makes this traditional concept applicable today, and bring system software in line with the complexity of modern, heterogeneous hardware.
Our design is applicable to any operating system, regardless of architecture. We show that it not only enforces the integrity properties of a system, but does so with no inherent performance overhead and it is even amenable to automation through code generation from trusted hardware specifications.
Bibtex
@article{Achermann:2020:SMM,
author = {Reto Achermann and Nora Hossle and Lukas Humbel and Daniel Schwyn and David Cock and Timothy Roscoe},
doi = {10.48550/arXiv.2009.02737},
eprint = {2009.02737},
eprintclass = {cs.OS},
eprinttype = {preprint},
id = {Achermann:2020:SMM},
journal = {arXiv Preprint},
publisher = {2009.02737},
title = {Secure Memory Management on Modern Hardware},
url = {https://doi.org/10.48550/arXiv.2009.02737},
year = {2020}
}
