Techniques for enforcing control flow integrity using binary translation
First Claim
Patent Images
1. An apparatus, comprising:
- a memory; and
logic for control flow integrity, at least a portion of the logic implemented in circuitry coupled to the memory, the logic to;
determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction;
when the logic determines the translated instruction includes an indirect branch instruction, the logic to;
identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction,access a table based on the library associated with the translated instruction, andvalidate a target address of the indirect branch instruction based on the table; and
when the logic determines the translated instruction excludes indirect branch instructions, the logic to;
determine whether the translated instruction includes one of a set of valid stack modification instructions,execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, andinitiate a security measure when the translated instruction excludes the set of valid stack modification instructions.
0 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments are generally directed to an apparatus, method and other techniques to determine a valid target address for a branch instruction from information stored in a relocation table, a linkage table, or both, the relocation table and the linkage table associated with a binary file and store the valid target address in a table in memory, the valid target address to validate a target address for a translated portion of a routine of the binary file.
-
Citations
25 Claims
-
1. An apparatus, comprising:
-
a memory; and logic for control flow integrity, at least a portion of the logic implemented in circuitry coupled to the memory, the logic to; determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction; when the logic determines the translated instruction includes an indirect branch instruction, the logic to; identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction, access a table based on the library associated with the translated instruction, and validate a target address of the indirect branch instruction based on the table; and when the logic determines the translated instruction excludes indirect branch instructions, the logic to; determine whether the translated instruction includes one of a set of valid stack modification instructions, execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, and initiate a security measure when the translated instruction excludes the set of valid stack modification instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. At least one non-transitory computer-readable medium comprising a set of instructions that, in response to being executed by a processor circuit, cause the processor circuit to:
-
determine whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction; when a determination the translated instruction includes an indirect branch instruction is made, the set of instructions, in response to being executed by the processor circuit, to cause the processor circuit to; identify a library associated with the translated instruction when the translated instruction includes an indirect branch instruction, access a table based on the library associated with the translated instruction, and validate a target address of the indirect branch instruction based on the table; and when a determination the translated instruction excludes indirect branch instructions is made, the set of instructions, in response to being executed by the processor circuit, to cause the processor circuit to; determine whether the translated instruction includes one of a set of valid stack modification instructions, execute the translated instruction when the translated instruction includes a valid stack modification instruction in the set, and initiate a security measure when the translated instruction excludes the set of valid stack modification instructions. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer-implemented method, comprising:
-
determining whether a translated instruction includes an indirect branch instruction in response to execution of an application associated with the translated instruction; when the translated instruction is determined to include an indirect branch instruction, the computer-implemented method comprising; identifying a library associated with the translated instruction when the translated instruction includes an indirect branch instruction, accessing a table based on the library associated with the translated instruction, and validating a target address of the indirect branch instruction based on the table; and when the translated instruction is determined to exclude indirect branch instructions, the computer-implemented method comprising; determining whether the translated instruction includes one of a set of valid stack modification instructions, executing the translated instruction when the translated instruction includes a valid stack modification instruction in the set, and initiating a security measure when the translated instruction excludes the set of valid stack modification instruction. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
Specification