SHORE: Hardware/Software Method for Memory Safety Acceleration on RISC-V

Abstract

Memory corruption vulnerabilities can lead to software attacks. Pointer-based memory safety protection has been shown as a promising solution covering both out-of-bounds and use-after-free errors. Software only approaches have significant performance overhead. Existing hardware/software implementations are largely limited to proprietary closed-source microprocessors, simulation-only studies or require changes to the input source code.In this paper, we present a novel hardware/software co-design methodology consisting of a RISC-V based processor extended with new instructions and microarchitecture enhancements, enabling faster memory safety checks. A compiler is instrumented to provide security operations taking into account the changes to the processor. The entire system is realized by enhancing a RISC-V Rocket-chip system-on-chip (SoC) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">1</sup> . The resultant processor SoC is implemented on an FPGA and evaluated with applications from SPEC 2006 (for generic applications), MiBench (for embedded applications), and Olden benchmark suites for performance. Our experiments show that the proposed approach achieves up to 3. 79X speedup (average 2. 6X) in comparison to the traditional software-based approach for SPEC2006 while possessing an overhead of 6.33% in terms of area. This speedup is better than the state-of-the-art approach. Our security coverage using the NIST Juliet test suite shows better coverage than the software only method.