Creating stack position dependent cryptographic return address to mitigate return oriented programming attacks
Abstract
A computing device includes technologies for securing return addresses that are used by a processor to control the flow of execution of a program. The computing device uses a cryptographic algorithm to provide security for a return address in a manner that binds the return address to a location in a stack.
23 Claims
1. A computing device to secure return addresses to mitigate return oriented programming attacks, the computing device comprising:
- a processor comprising call logic, wherein, prior to storage of a return address on a call stack, the call logic is to:
read a secret key from a memory location of the computing device that is readable by the processor;
determine a stack position identifier, the stack position identifier usable to determine a location on the call stack at which the return address is to be stored;
generate security data indicative of the return address by execution of a cryptographic algorithm such that the security data is based on both of:
(i) the secret key and (ii) the stack position identifier;
modify the return address indicated in the security data to reference a non-canonical location in memory; and
store the security data in a memory location that is readable by the processor.
15. A method for securing an address used by a processor of a computing device to control the flow of execution of a program, the method comprising:
- prior to storing an address on a stack:
reading a secret key from a memory location of the computing device that is readable by the processor;
determining a stack position identifier, the stack position identifier usable to determine a location on the stack at which the address is to be stored;
generating security data indicative of the address by executing a cryptographic algorithm such that the security data is based on both of:
(i) the secret key and (ii) the stack position identifier;
modifying the address indicated in the security data to reference a non-canonical location in memory; and
storing the security data in a memory location that is readable by the processor.
18. One or more non-transitory machine readable storage media comprising a plurality of instructions stored thereon that in response to being executed result in a computing device securing an address used by a processor of a computing device to control the flow of execution of a program, by:
- prior to storing an address on a stack:
reading a secret key from a memory location of the computing device that is readable by the processor;
determining a stack position identifier, the stack position identifier usable to determine a location on the stack at which the address is to be stored;
generating security data indicative of the return address by executing a cryptographic algorithm such that the security data is based on both of:
(i) the secret key and (ii) the stack position identifier;
modifying the return address indicated in the security data to reference a non-canonical location in memory; and
storing the security data in a memory location that is readable by the processor.
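The flow recited in claim 1, sketched in C as an added example (not code from the patent or its assignee): a tag derived from the key, the stack slot and the return address is stored with the address, and a value copied to another slot fails the check on return. Assumptions not taken from the claims: 48-bit canonical addresses, the slot address as the stack position identifier, the tag carried in bits 63:48, and a toy non-cryptographic mixer standing in for the cryptographic algorithm.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumed layout (not from the claims): 48-bit canonical addresses, user half
 * only, with a 16-bit tag carried in bits 63:48 of the stored value. */
#define ADDR_BITS 48
#define ADDR_MASK ((1ULL << ADDR_BITS) - 1)

/* Toy 64-bit mixer (splitmix64 finalizer). It is NOT cryptographic; it stands
 * in for the keyed MAC or cipher a real design would use. */
static uint64_t mix(uint64_t x) {
    x += 0x9e3779b97f4a7c15ULL;
    x ^= x >> 30; x *= 0xbf58476d1ce4e5b9ULL;
    x ^= x >> 27; x *= 0x94d049bb133111ebULL;
    return x ^ (x >> 31);
}

/* Tag over (key, stack slot, return address). Zero is remapped so the stored
 * value always has non-zero upper bits, i.e. is non-canonical. */
static uint16_t tag16(uint64_t key, uint64_t slot, uint64_t ret) {
    uint16_t t = (uint16_t)(mix(mix(key ^ slot) ^ ret) >> 48);
    return t ? t : 1;
}

bool is_canonical(uint64_t addr) {
    uint64_t top = addr >> (ADDR_BITS - 1);      /* bits 63:47 */
    return top == 0 || top == 0x1FFFF;
}

/* "Call" side: the value stored at `slot` instead of the raw return address. */
uint64_t protect_ret(uint64_t key, uint64_t slot, uint64_t ret) {
    ret &= ADDR_MASK;
    return ((uint64_t)tag16(key, slot, ret) << ADDR_BITS) | ret;
}

/* "Return" side: recompute the tag for the slot being popped; on a match,
 * hand back the canonical address, otherwise refuse. */
bool verify_ret(uint64_t key, uint64_t slot, uint64_t stored, uint64_t *ret) {
    uint64_t addr = stored & ADDR_MASK;
    if ((uint16_t)(stored >> ADDR_BITS) != tag16(key, slot, addr)) return false;
    *ret = addr;
    return true;
}

/* Count how many of `n` other 8-byte slots accept a value protected for `home`,
 * i.e. a protected return address copied to a different stack position. */
unsigned relocations_accepted(uint64_t key, uint64_t home, uint64_t ret, unsigned n) {
    uint64_t stored = protect_ret(key, home, ret), out;
    unsigned hits = 0;
    for (unsigned i = 1; i <= n; i++)
        hits += verify_ret(key, home + 8ULL * i, stored, &out);
    return hits;
}
```

With a 16-bit tag, a relocated value is accepted at a given slot with probability of roughly 1 in 65,535, so tag width sets the strength of the binding.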
Specification