Return oriented programming (ROP) attack protection
Abstract
Return oriented programming (ROP) attack prevention techniques are described. In one or more examples, a method is described of protecting against return oriented programming attacks. The method includes initiating a compute signature hardware instruction of a computing device to compute a signature for a return address and the associated location on the stack the return address is stored and causing storage of the computed signature along with the return address in the stack. The method also includes enforcing that before executing the return instruction using the return address on the stack, initiating a verify signature hardware instruction of the computing device to verify the signature matches the target return address on the stack and responding to successful verification of the signature through execution of the verify signature hardware instruction by the computing device, executing the return instruction to the return address.
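A software model of the compute/verify pair described in the abstract, added here as an illustration and not taken from the patent. It assumes XOR as the step that combines pad and hash, FNV-1a as the hash, xorshift64 as the pad source, and call depth as the cache index; the text specifies none of these.

```c
#include <stdint.h>

#define MAX_DEPTH 16

/* Software stand-in for the two hardware caches holding the same pad values. */
static uint64_t call_cache[MAX_DEPTH], return_cache[MAX_DEPTH];
static unsigned depth;
static uint64_t rng_state = 0x9E3779B97F4A7C15ULL; /* constructed seed */

/* xorshift64: stand-in for a hardware random source (assumption). */
static uint64_t next_pad(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 7;
    rng_state ^= rng_state << 17;
    return rng_state;
}

/* Assumed hash over (return address, stack slot): FNV-1a over 16 bytes. */
static uint64_t hash_ret(uint64_t ret_addr, uint64_t slot) {
    uint64_t h = 0xCBF29CE484222325ULL, in[2] = { ret_addr, slot };
    for (int i = 0; i < 16; i++) {
        h ^= (in[i / 8] >> (8 * (i % 8))) & 0xFF;
        h *= 0x100000001B3ULL;
    }
    return h;
}

/* Model of "compute signature": a fresh pad is stored in both caches at call
   time and the call cache copy is combined with the hash. */
uint64_t compute_signature(uint64_t ret_addr, uint64_t slot) {
    if (depth == MAX_DEPTH) return 0;      /* this model does not spill */
    call_cache[depth] = return_cache[depth] = next_pad();
    return call_cache[depth++] ^ hash_ret(ret_addr, slot);
}

/* Model of "verify signature": 1 if the return may proceed, 0 otherwise.
   The pad is consumed either way, so an old signature cannot be replayed. */
int verify_signature(uint64_t ret_addr, uint64_t slot, uint64_t sig) {
    if (depth == 0) return 0;              /* return with no matching call */
    uint64_t pad = return_cache[--depth];
    return_cache[depth] = call_cache[depth] = 0;
    return (pad ^ hash_ret(ret_addr, slot)) == sig;
}

int main(void) {
    /* Constructed address and stack slot for one call/return pair. */
    uint64_t sig = compute_signature(0x401136ULL, 0x7ffd1000ULL);
    return verify_signature(0x401136ULL, 0x7ffd1000ULL, sig) ? 0 : 1;
}
```

Because the stack position is part of the hashed input, a valid address/signature pair copied to a different slot fails verification just as an overwritten address does.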
17 Claims
1. A method of protecting against return oriented programming attacks, the method comprising:
- initiating a compute signature hardware instruction of a computing device to compute a signature for a return address and an associated location on a stack at which the return address is stored, wherein the signature is computed using a one-time pad that is combined with a hash of the return address and the return address position of the return address in the stack, and wherein the one time pad value is stored in at least two separate hardware caches, one cache for use during compute signature as a call cache and one cache for use during verify signature as a return cache;
- enforcing that before executing the return instruction using the return address on the stack, initiating a verify signature hardware instruction of the computing device to verify the signature matches the target return address; and
- responding to successful verification of the signature through execution of the verify signature hardware instruction by the computing device, executing the return instruction to the return address.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A computing device configured to protect against return oriented programming (ROP) attacks, the computing device comprising:
- a processing system having hardware configured to execute instructions stored in memory and having hardware configured to perform;
  - a compute signature hardware instruction to compute a signature for a return address and an associated location on a stack at which the return address is stored, wherein the signature is computed using a one-time pad that is combined with a hash of the return address and the return address position of the return address in the stack, and wherein the one time pad value is stored in at least two separate hardware caches, one cache for use during compute signature as a call cache and one cache for use during verify signature as a return cache; and
  - a verify signature hardware instruction to verify the signature; and
- the memory configured to maintain an operating system that is executable by the processing system as the instructions, the operating system configured to protect against return oriented programming (ROP) attacks through functionality to initiate the compute signature hardware instruction to compute the signature for the return address and the associated location on the stack the return address is stored and initiate the verify signature hardware instruction to verify the signature before executing the return instruction using the return address on the stack.

Dependent claims: 13, 14

15. One or more computer-readable storage devices having instructions stored thereon that, responsive to execution by one or more computing devices, causes the one or more computing devices to:
- initiate a compute signature hardware instruction of a computing device to compute a signature for a return address and an associated location on a stack at which the return address is stored, wherein the signature is computed using a one-time pad that is combined with a hash of the return address and the return address position of the return address in the stack, and wherein the one time pad value is stored in at least two separate hardware caches, one cache for use during compute signature as a call cache and one cache for use during verify signature as a return cache;
- enforce that before executing the return instruction using the return address on the stack, initiating a verify signature hardware instruction of the computing device to verify the signature matches the target return address; and
- respond to successful verification of the signature through execution of the verify signature hardware instruction by the computing device, executing the return instruction to the return address.

Dependent claims: 16, 17

Specification