Supporting memory safety through assembly transformation

Abstract

In computer systems with multiple processes, memory protection is required to avoid having one process access another's memory and corrupting it. Protection can be provided either at the hardware level through specifi c components such as the memory management unit, or by using software based techniques. While on most high end systems hardware based protection is used, lower-end devices such as microcontrollers usually omit these components in order to reduce chip size, cost, and power consumption. In these cases software based approaches are used in order to protect processes from each other. Software based techniques are also commonly used between frequently communicating processes such as web browsers and their various plug-ins, even on systems where hardware based protection is available. Commonly, software based approaches involve transforming program code in order to ensure memory safety at runtime by inserting runtime memory access checks. This is typically achieved by implementing a code transformer which performs the transformations necessary for the particular approach being taken. This results in compilers that perform single specific transformations, for single instruction sets. In this dissertation we propose a generic solution which permits the scripting of different memory protection approaches, thus allowing for experimenting with new such algorithms. The proposed approach has been implemented into a proof of concept tool which uses an aspect oriented programming like language that makes it possible to instrument assembly programs at the instruction level. This facilitates the insertion of safety checks before every instruction writing data to memory for example. The language is designed such that it is instruction set agnostic making it possible to apply the same transformation for various devices. The tool has been used to implement use case tests for the MSP430 instruction set. The two major components of this project: the designed language and the prototype code transformation tool, are evaluated in terms of design, ability to express different techniques presented in related work, and overheads introduced to transformed programs. The use case resulted in runtime overheads close to those in related work, while the implementation process was much easier with the use of the designed language and prototype tool.