BSDCan 2015 - The Technical BSD Conference

Speaker: John Criswell
Schedule: Day Talks #1 - 12 June 2015 (2015-06-12)
Room: DMS 1160
Start time: 16:30
Duration: 01:00
ID: 591
Event type: Lecture
Track: Security
Language used for presentation: English

Protecting FreeBSD with Secure Virtual Architecture

In this talk, I will present our research on protecting FreeBSD applications and the FreeBSD kernel from attacks. I will briefly describe the KCoFI system which protects the FreeBSD kernel from control-flow hijack attacks (such as classic buffer overflow attacks) and the Virtual Ghost system which protects applications from a compromised operating system kernel. Both KCoFI and Virtual Ghost are built using the Secure Virtual Architecture (SVA) (an LLVM-based infrastructure for enforcing security policies through compiler instrumentation and hardware techniques). SVA, KCoFI, and Virtual Ghost are available as open-source software at https://github.com/jtcriswell/SVA.

In this talk, I will present our work on using the Secure Virtual Architecture (SVA) to protect FreeBSD applications and the FreeBSD kernel from security attacks. SVA is an LLVM-based infrastructure that permits us to use compiler instrumentation techniques to enforce security policies on both application and kernel code. In this talk, I will briefly describe how we used SVA to implement KCoFI: a system that enforces control-flow integrity and code segment integrity on the FreeBSD kernel to protect it from control-flow hijack attacks. I will then describe how we extended KCoFI to build Virtual Ghost. Virtual Ghost protects applications from a compromised operating system kernel. I will describe how Virtual Ghost uses compiler instrumentation to prevent the FreeBSD kernel from spying on and corrupting private application data and how it prevents the kernel from maliciously modifying application control flow (while still supporting features such as signal handlers and process creation).
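The abstract above describes KCoFI enforcing control-flow integrity on the kernel so that a hijacked indirect branch (the outcome of a classic buffer overflow) cannot reach arbitrary code. The C program below is an added illustration of that policy class and is not SVA, KCoFI or Virtual Ghost code: the label value, the target table, the `cfi_call` wrapper and the `struct ctx` layout are all hypothetical stand-ins for what a CFI compiler emits, and the "overflow" is assembled deterministically with `offsetof`/`memcpy` rather than relying on real out-of-bounds behaviour. It shows a legitimate indirect call passing the check and the same call site refusing a function pointer that an overflow has redirected to an unlabelled function.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative label-based CFI check, NOT SVA/KCoFI code.  Every legitimate
 * indirect-call target is registered with a label (a CFI compiler would emit
 * such labels at function entries); the instrumented call site refuses to
 * transfer control to an address that does not carry the expected label. */

typedef int (*handler_fn)(int);

#define CFI_LABEL     0x12345678u   /* hypothetical label for this call site's target set */
#define CFI_VIOLATION (-1)          /* sentinel returned instead of calling an unlabelled address */

static int handler_double(int x) { return 2 * x; }
static int handler_negate(int x) { return -x; }
/* Code an attacker would like to redirect the call to; it is not a registered
 * target for this call site, so it carries no label. */
static int privileged_op(int x) { return x + 1000; }

/* Stand-in for the labels a CFI compiler would place at function entries. */
static const struct { handler_fn fn; uint32_t label; } labelled_targets[] = {
    { handler_double, CFI_LABEL },
    { handler_negate, CFI_LABEL },
};

static int cfi_violations;   /* how many transfers the check rejected */

static uint32_t cfi_label_of(handler_fn fn) {
    for (size_t i = 0; i < sizeof labelled_targets / sizeof labelled_targets[0]; i++)
        if (labelled_targets[i].fn == fn)
            return labelled_targets[i].label;
    return 0;   /* no label: not a function entry the compiler vouched for */
}

/* The instrumented indirect call: check the label, then (and only then) call. */
static int cfi_call(handler_fn fn, int arg) {
    if (cfi_label_of(fn) != CFI_LABEL) {
        cfi_violations++;            /* a kernel CFI system would trap/halt here */
        return CFI_VIOLATION;
    }
    return fn(arg);
}

int cfi_violation_count(void) { return cfi_violations; }

/* A buffer followed by a function pointer: the layout a stack or heap
 * overflow turns into a control-flow hijack. */
struct ctx {
    char buf[16];
    handler_fn cb;
};

/* Benign path: cb points at a labelled target, the call goes through. */
int demo_legitimate(void) {
    struct ctx c;
    memset(&c, 0, sizeof c);
    c.cb = handler_double;
    return cfi_call(c.cb, 21);      /* 42 */
}

/* Hijack path: a constructed attacker write that runs past buf and lands on
 * cb.  The overflowed bytes are assembled with offsetof/memcpy so the demo is
 * deterministic instead of relying on real out-of-bounds behaviour. */
int demo_hijacked(void) {
    struct ctx c;
    unsigned char overflow[sizeof c];
    handler_fn target = privileged_op;
    memset(&c, 0, sizeof c);
    c.cb = handler_double;
    memset(overflow, 'A', sizeof overflow);                               /* filler flooding buf */
    memcpy(overflow + offsetof(struct ctx, cb), &target, sizeof target);  /* overwrites cb */
    memcpy(&c, overflow, sizeof c);                                       /* the overflow lands */
    return cfi_call(c.cb, 21);      /* CFI_VIOLATION: privileged_op carries no label */
}

int main(void) {
    int ok = demo_legitimate();
    int hijacked = demo_hijacked();
    printf("legitimate call -> %d\n", ok);
    printf("hijacked call   -> %d (violations: %d)\n", hijacked, cfi_violation_count());
    return 0;
}
```

The point the example makes is the one the abstract relies on: an overflow that corrupts a code pointer is not stopped by the check, but the corrupted pointer is never used, because the call site only follows pointers to entries the compiler labelled. Code segment integrity (the other half of KCoFI's policy) is what keeps an attacker from forging such a label by writing executable code of their own, and is not modelled here.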