
Research on Linker-Based Executable File Information Extraction

Posted on: 2021-07-04
Degree: Master
Type: Thesis
Country: China
Candidate: J H Ma
GTID: 2518306050969579
Subject: Master of Engineering
Abstract/Summary:
With the popularization of information technology, computer systems have become inseparable from our daily work. Attackers exploit vulnerabilities in computer systems to disrupt correct execution, paralyzing the computer, causing it to behave abnormally, or even illegally obtaining private information. These vulnerabilities arise because computer systems are mostly written in C (including C++). These languages lack security monitoring, and attackers can use their memory errors to carry out control-flow hijacking attacks. The mainstream defense is software instrumentation, whereas this work defends against attacks with a security architecture designed into the processor hardware. Once the secure processor has been designed and is in operation, the corresponding compiler must generate executable files for its instruction set architecture. Various code-reuse attacks and defenses require code analysis of the compiled ELF file. When an ELF executable is compiled and generated, the linker's job is to find all dependent files for symbol resolution and relocation, so the linker is the most direct place in the entire compilation process to perform control-flow analysis of the code. Therefore, during code generation for the executable file, information analysis and extraction are performed at the linker stage to support the attack prevention mechanism.

This thesis is part of the design of a secure processor chip based on the RISC-V instruction set, so everything from the hardware processor, through the operating system that mediates between software and hardware, to the compiler needed for program execution must target the RISC-V instruction set. The team at Berkeley has not only developed the RISC-V instruction set architecture but also developed and ported a series of toolchain components such as compilers and loaders, which has greatly advanced work based on the RISC-V architecture.

The linker performs information extraction for executable files. This work studies the linker source code under binutils in riscv-gnu-toolchain, studies how ELF files change over the entire compilation process, works out the function of each API function in the BFD library in binutils, and locates the content of the code segment of the executable file as it is finally generated at link time. According to the characteristics of control-flow hijacking attacks, the control-flow instructions of the RISC-V program are selected, and the offset of each such instruction is extracted. The control-flow instructions and their offsets are then stored in a separately created section, so that the loader can recognize the newly added section when loading the generated executable file and perform information security operations. A Hello program is used to verify that the modified linker produces no errors during the entire compilation process, and the SPEC CPU 2006 benchmark test set is compiled and run in the Spike simulator for the RISC-V instruction set to verify the correctness of the linker modification. This thesis proposes modifying the linker, out of all the stages of the compilation process, to pick out the control-flow information and add it to the generated executable file so that the loader can load it into the RISC-V processor. This design has engineering application value for hardware-based attack defense.
Keywords/Search Tags:compile, linker, executable, control-flow-hijack, RISC-V, ELF
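
As an added illustration of the extraction step described in the abstract (not code from the thesis or from binutils), the following C example walks a RISC-V code buffer and records each control-transfer instruction with its byte offset. The record layout, the function names, and the choice of jumps and branches as the control-flow instructions are assumptions; it assumes RV64 with the C extension and only 16-bit and 32-bit encodings.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical record layout: the abstract does not give the section format. */
typedef struct { uint32_t offset; uint32_t insn; } cf_record;

/* 32-bit encodings: JAL (0x6f), JALR (0x67), conditional branches (0x63). */
static int is_cf32(uint32_t insn) {
    uint32_t op = insn & 0x7f;
    return op == 0x6f || op == 0x67 || op == 0x63;
}

/* 16-bit RVC encodings on RV64: C.J, C.BEQZ, C.BNEZ, C.JR, C.JALR. */
static int is_cf16(uint16_t insn) {
    unsigned quad = insn & 0x3, funct3 = insn >> 13;
    if (quad == 1) return funct3 >= 5;             /* C.J, C.BEQZ, C.BNEZ */
    if (quad == 2 && funct3 == 4)                  /* C.JR/C.JALR: rs2 == 0, rs1 != 0 */
        return ((insn >> 2) & 0x1f) == 0 && ((insn >> 7) & 0x1f) != 0;
    return 0;
}

/* Walk a little-endian code buffer; record control-transfer instructions and offsets. */
size_t extract_cf(const uint8_t *code, size_t len, cf_record *out, size_t cap) {
    size_t n = 0, off = 0;
    while (off + 2 <= len) {
        uint32_t insn = code[off] | ((uint32_t)code[off + 1] << 8);
        size_t width = ((insn & 0x3) != 0x3) ? 2 : 4;  /* low bits 11 => 32-bit */
        if (off + width > len) break;                  /* truncated tail */
        if (width == 4)
            insn |= ((uint32_t)code[off + 2] << 16) | ((uint32_t)code[off + 3] << 24);
        int hit = (width == 2) ? is_cf16((uint16_t)insn) : is_cf32(insn);
        if (hit && n < cap) { out[n].offset = (uint32_t)off; out[n].insn = insn; n++; }
        off += width;
    }
    return n;
}

/* Constructed sample: addi a0,a0,1; c.mv a0,a1; jal ra,+8; beq a0,zero,+8; c.jr ra */
static const uint8_t SAMPLE[] = {
    0x13, 0x05, 0x15, 0x00,  0x2e, 0x85,  0xef, 0x00, 0x80, 0x00,
    0x63, 0x04, 0x05, 0x00,  0x82, 0x80 };

int main(void) {
    cf_record r[8];
    size_t n = extract_cf(SAMPLE, sizeof SAMPLE, r, 8);
    for (size_t i = 0; i < n; i++)
        printf("offset 0x%02x  insn 0x%08x\n", (unsigned)r[i].offset, (unsigned)r[i].insn);
}
```

Tracking the encoding width at each step keeps the recorded offsets aligned with real instruction boundaries when compressed and uncompressed instructions are mixed.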