Techniques for enforcing control flow integrity using binary translation

US 10,268,819 B2
Filed: 02/13/2017
Issued: 04/23/2019
Est. Priority Date: 12/23/2014
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus, comprising:

a memory; and

logic for control flow integrity, at least a portion of the logic implemented in circuitry coupled to the memory, the logic to;

determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction;

when the logic determines the translated instruction includes an indirect branch instruction, the logic to;

identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction,access a table based on the library associated with the translated instruction, andvalidate a target address of the indirect branch instruction based on the table; and

when the logic determines the translated instruction excludes indirect branch instructions, the logic to;

determine whether the translated instruction includes one of a set of valid stack modification instructions,execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, andinitiate a security measure when the translated instruction excludes the set of valid stack modification instructions.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments are generally directed to an apparatus, method and other techniques to determine a valid target address for a branch instruction from information stored in a relocation table, a linkage table, or both, the relocation table and the linkage table associated with a binary file and store the valid target address in a table in memory, the valid target address to validate a target address for a translated portion of a routine of the binary file.

Citations

25 Claims

1. An apparatus, comprising:
- a memory; and
  
  logic for control flow integrity, at least a portion of the logic implemented in circuitry coupled to the memory, the logic to;
  
  determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction;
  
  when the logic determines the translated instruction includes an indirect branch instruction, the logic to;
  
  identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction,access a table based on the library associated with the translated instruction, andvalidate a target address of the indirect branch instruction based on the table; and
  
  when the logic determines the translated instruction excludes indirect branch instructions, the logic to;
  
  determine whether the translated instruction includes one of a set of valid stack modification instructions,execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, andinitiate a security measure when the translated instruction excludes the set of valid stack modification instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus of claim 1, determination of whether the translated instruction includes one of a set of valid stack modification instructions to include logic to:
    - determine whether the translated instruction includes a stack modification instruction in response to a determination the translated instruction excludes an indirect branch instruction;
      
      execute the translated instruction when the translated instruction excludes a stack modification instruction; and
      
      determine whether the translated instruction includes a valid stack modification when the translated instruction includes a stack modification instruction.
  - 3. The apparatus of claim 2, determination of whether the translated instruction includes a valid stack modification to include logic to determine whether the translated instruction modifies a stack pointer within a predetermined set of valid boundaries.
  - 4. The apparatus of claim 1, the logic to execute a stub instruction associated with the translated instruction when the translated instruction includes an indirect branch instruction.
  - 5. The apparatus of claim 4, the logic to:
    - determine whether the translated instruction includes one of a set of valid target addresses in response to execution of the stub instruction;
      
      execute the translated instruction when the translated instruction includes a valid target address in the set; and
      
      initiate the security measure when the translated instruction excludes the set of valid target addresses.
  - 6. The apparatus of claim 5, determination of whether the translated instruction includes one of the set of valid target addresses to include logic to validate the translated instruction with information in a fast lookup table.
  - 7. The apparatus of claim 6, the logic to compare an intended target address associated with the translated instruction to information in the fast lookup table to determine whether the translated instruction includes a valid target address in the set.
  - 8. The apparatus of claim 1, the security measure to include an interruption of execution of the application associated with the translated instruction or an indication to a security agent or anti-virus program.
  - 9. The apparatus of claim 1, the logic to initiate execution of the application associated with the translated instruction.

10. At least one non-transitory computer-readable medium comprising a set of instructions that, in response to being executed by a processor circuit, cause the processor circuit to:
- determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction;
  
  when a determination the translated instruction includes an indirect branch instruction is made, the set of instructions, in response to being executed by the processor circuit, to cause the processor circuit to;
  
  identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction,access a table based on the library associated with the translated instruction, andvalidate a target address of the indirect branch instruction based on the table; and
  
  when a determination the translated instruction excludes indirect branch instructions is made, the set of instructions, in response to being executed by the processor circuit, to cause the processor circuit to;
  
  determine whether the translated instruction includes one of a set of valid stack modification instructions,execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, andinitiate a security measure when the translated instruction excludes the set of valid stack modification instructions.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The at least one non-transitory computer-readable medium of claim 10, determination of whether the translated instruction includes one of a set of valid stack modification instructions comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to:
    - determine whether the translated instruction includes a stack modification instruction in response to a determination the translated instruction excludes an indirect branch instruction;
      
      execute the translated instruction when the translated instruction excludes a stack modification instruction; and
      
      determine whether the translated instruction includes a valid stack modification when the translated instruction includes a stack modification instruction.
  - 12. The at least one non-transitory computer-readable medium of claim 11, determination of whether the translated instruction includes a valid stack modification comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to determine whether the translated instruction modifies a stack pointer within a predetermined set of valid boundaries.
  - 13. The at least one non-transitory computer-readable medium of claim 10, comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to execute a stub instruction associated with the translated instruction when the translated instruction includes an indirect branch instruction.
  - 14. The at least one non-transitory computer-readable medium of claim 13, comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to:
    - determine whether the translated instruction includes one of a set of valid target addresses in response to execution of the stub instruction;
      
      execute the translated instruction when the translated instruction includes a valid target address in the set; and
      
      initiate the security measure when the translated instruction excludes the set of valid target addresses.
  - 15. The at least one non-transitory computer-readable medium of claim 14, determination of whether the translated instruction includes one of the set of valid target addresses comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to validate the translated instruction with information in a fast lookup table.
  - 16. The at least one non-transitory computer-readable medium of claim 15, comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to compare an intended target address associated with the translated instruction to information in the fast lookup table to determine whether the translated instruction includes a valid target address in the set.
  - 17. The at least one non-transitory computer-readable medium of claim 10, the security measure to include an interruption of execution of the application associated with the translated instruction or an indication to a security agent or anti-virus program.
  - 18. The at least one non-transitory computer-readable medium of claim 10, comprising instructions that, in response to being executed by the processor circuit, cause the processor circuit to initiate execution of the application associated with the translated instruction.

19. A computer-implemented method, comprising:
- determining whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction;
  
  when the translated instruction is determined to include an indirect branch instruction, the computer-implemented method comprising;
  
  identifying a library associated with the translated instruction when the translated instruction includes an indirect branch instruction,accessing a table based on the library associated with the translated instruction, andvalidating a target address of the indirect branch instruction based on the table; and
  
  when the translated instruction is determined to exclude indirect branch instructions, the computer-implemented method comprising;
  
  determining whether the translated instruction includes one of a set of valid stack modification instructions,executing the translated instruction when the translated instruction includes a valid stack modification instruction in the set, andinitiating a security measure when the translated instruction excludes the set of valid stack modification instruction.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The computer-implemented method of claim 19, determination of whether the translated instruction includes one of a set of valid stack modification instructions comprising:
    - determining whether the translated instruction includes a stack modification instruction in response to a determination the translated instruction excludes an indirect branch instruction;
      
      executing the translated instruction when the translated instruction excludes a stack modification instruction; and
      
      determining whether the translated instruction includes a valid stack modification when the translated instruction includes a stack modification instruction.
  - 21. The computer-implemented method of claim 20, determination of whether the translated instruction includes a valid stack modification comprising determining whether the translated instruction modifies a stack pointer within a predetermined set of valid boundaries.
  - 22. The computer-implemented method of claim 19, comprising executing a stub instruction associated with the translated instruction when the translated instruction includes an indirect branch instruction.
  - 23. The computer-implemented method of claim 22, comprising:
    - determining whether the translated instruction includes one of a set of valid target addresses in response to execution of the stub instruction;
      
      executing the translated instruction when the translated instruction includes a valid target address in the set; and
      
      initiating the security measure when the translated instruction excludes the set of valid target addresses.
  - 24. The computer-implemented method of claim 23, determination of whether the translated instruction includes one of the set of valid target addresses comprising validating the translated instruction with information in a fast lookup table.
  - 25. The computer-implemented method of claim 24, comprising comparing an intended target address associated with the translated instruction to information in the fast lookup table to determine whether the translated instruction includes a valid target address in the set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Yamada, Koichi, Shanmugavelayutham, Palanivelrajan, Konda, Sravani
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US15/430,652
Publication Number

US 20170316201A1
Time in Patent Office

799 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 8/30   Creation or generation of s...

G06F 8/52   Binary to binary

G06F 9/30054   Unconditional branch instru...

G06F 9/323   for indirect branch instruc...

G06F 9/4552   Involving translation to a ...

Techniques for enforcing control flow integrity using binary translation

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Techniques for enforcing control flow integrity using binary translation

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links