Memory Simulations, Security and Optimization in a Verified Compiler

Published 13 Dec 2023 in cs.LO and cs.PL | (2312.08117v1)

Abstract: Current compilers implement security features and optimizations that require nontrivial semantic reasoning about pointers and memory allocation: the program after the insertion of the security feature, or after applying the optimization, must simulate the original program despite a different memory layout. In this article, we illustrate such reasoning on pointer allocations through memory extensions and injections, as well as fine points on undefined values, by explaining how we implemented and proved correct two security features (stack canaries and pointer authentication) and one optimization (tail recursion elimination) in the CompCert formally verified compiler.
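The abstract's central claim is that a security feature or optimization changes the memory layout of a function while having to leave its observable behaviour unchanged, which is what a simulation proof establishes. The following plain C is an added illustration written for this page; it is not code from the paper or from CompCert, whose proof is carried out on its Coq memory model with memory injections and extensions rather than on C source. It shows an "original" function beside a hypothetical canary-instrumented version (the fixed `CANARY` constant and the `frame_intact` helper are assumptions; a real implementation loads a per-process secret), a tail-recursive function beside its loop form, and a check that, over constructed inputs, each transformed version returns exactly what the original does.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical canary value, assumed for this illustration only. A real
   implementation loads a per-process secret rather than a constant. */
static const uintptr_t CANARY = (uintptr_t)0x5ac0ffeeu;

/* Shared helper: FNV-1a style byte checksum of a buffer. */
static unsigned checksum(const unsigned char *p, size_t n) {
    unsigned h = 2166136261u;
    for (size_t i = 0; i < n; i++) h = (h ^ p[i]) * 16777619u;
    return h;
}

/* "Original" program: copies at most 16 bytes into a stack buffer and
   returns a checksum of it. */
unsigned original(const unsigned char *src, size_t n) {
    unsigned char buf[16];
    if (n > sizeof buf) n = sizeof buf;
    memcpy(buf, src, n);
    return checksum(buf, n);
}

/* Does the saved canary still match? 1 = intact, 0 = frame overwritten. */
int frame_intact(uintptr_t saved) { return saved == CANARY; }

/* "Transformed" program: same computation, but the frame now holds an
   extra slot with the canary, written at entry and checked before return.
   The stack layout differs from original(), yet whenever the canary is
   intact every observable result is identical; that equivalence is what a
   simulation proof must establish for the transformation. */
unsigned with_canary(const unsigned char *src, size_t n) {
    uintptr_t saved = CANARY;           /* extra stack slot: new layout */
    unsigned char buf[16];
    if (n > sizeof buf) n = sizeof buf;
    memcpy(buf, src, n);
    unsigned r = checksum(buf, n);
    if (!frame_intact(saved)) abort();  /* smash detected: never return into a corrupted frame */
    return r;
}

/* Tail-recursive sum of 1..n: one stack frame per call. */
unsigned sum_rec(unsigned n, unsigned acc) {
    if (n == 0) return acc;
    return sum_rec(n - 1, acc + n);     /* tail call */
}

/* After tail recursion elimination: the call becomes a jump, so one frame
   replaces n+1 frames. Different memory, same result. */
unsigned sum_loop(unsigned n, unsigned acc) {
    for (;;) {
        if (n == 0) return acc;
        acc += n;
        n -= 1;
    }
}

/* Simulation check over constructed inputs: returns 1 if every input gives
   identical observable results for each original/transformed pair. */
int transformations_simulate(void) {
    static const unsigned char a[] = "constructed input one";   /* constructed sample */
    static const unsigned char b[] = {0, 255, 7, 42};           /* constructed sample */
    const unsigned char *srcs[] = {a, b, a};
    size_t lens[] = {sizeof a - 1, sizeof b, 3};
    for (size_t i = 0; i < 3; i++)
        if (original(srcs[i], lens[i]) != with_canary(srcs[i], lens[i])) return 0;
    for (unsigned n = 0; n < 50; n++)
        if (sum_rec(n, 0) != sum_loop(n, 0)) return 0;
    return 1;
}
```

The check above is only testing on sample inputs; the point of the paper is that CompCert proves the same correspondence for all inputs, relating the original block of each frame to the transformed one through a memory injection that tolerates the extra slot (or the missing frames), while being careful about values that are undefined in the source and must not become observable in the target.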
