grab a yubikey at yubi.co/lowlevellearning-2024 and secure yourself online with two factor authentication. thanks again Yubico for sponsoring todays video!

And there I was thinking, after reading the title, using "signed" pointers meant to allow them to have negative values, and could not think how that would be feasible. This makes more sense.

So we are going to essentially compute hashes on addresses, and every single time we want to use said pointer? I wonder what kind of impact on speed it could have?

You got sponsored by Yubico ? 😳😳 bro they don’t even put out ads, You basically bagged the most legit sponsor any YTber has ever had.

Thanks, I will talk about this in my next Bumble date

At this point we should disallow everyone who is not a level 3 magician access to a c compiler

I’m using this channel to understand the spoken English, but idk why in my native language (Spanish) nobody is talking about these features, that’s cool man, you really know a lot of this stuff I appreciate your content buddy

I once found a weakness in this where you can use tail call optimisation and exfiltration and longjmp (if you can line all those up) as a pointer signing widget. Tail call optimisation causes your choice of return address to be rewritten with a predictable corruption of a correct signature before being passed to the next function, but this doesn't cause a fault, yet. If you can then exfiltrate that address then you can fix it yourself to get your pointer with a correct signature. After that you need to avoid the exception, which you can do via longjmp(). Next time around use the pointer you exfiltrated last time, with the correction, and return normally rather then via longjmp() to the destination of your choice.

6:30 - So ARM is limiting their virtual address space per program? 29 bits of a 64 bit address space being reserved seems like it would mean you can use up to just over 34 million addresses. While that may seem like a lot for most programs, I do wonder if it is kinda a "640k is all you'll need" sort of situation.

I worked on z/os kernel for many years, this problem was solved by verifying pointers by making sure something in the operating system points to it. No storage is copied into directly.

A simple solution is to disallow modifying pointers altogether. On the AS/400, for example, *only* the platform firmware can hand out pointers. You can't create pointers out of thin air, and you can't modify them. Once you perform arithmetic on a pointer, it's no longer a pointer but just a number. In addition, pointers are typed, and they are tagged with an owner and with access restrictions. Another nice feature of the AS/400 is that only the OS can compile to native code. You cannot write native code, and you can't compile to native code. You can only compile to intermediate code, the OS then compiles to native code. And the intermediate code is "safe", i.e., it contains no instructions that could violate memory safety, pointer safety, or type safety. This idea also exists in Microsoft Research's Singularity OS. All code is delivered as high-level byte code, together with a manifest that contains a list of all the privileged actions the code needs to perform. The compiler will first prove that the code only uses the privileges listed in the manifest, otherwise it will reject the code. Only then will it compile it to native code. And just like OS/400, the compiler is a privileged OS service that cannot be invoked by a user. Singularity uses what they call SIPs (Software-Isolated Processes) for process isolation. In fact, all of Singularity runs in Ring 0 in a single address space. Why? Because the language itself already guarantees stronger isolation properties than the CPU and MMU can anyway, so why bother? Each SIP has its own object space with its own garbage collector. There are no instructions in the byte code which can access memory or manipulate pointers. All data exchange between SIPs is through message-passing. Messages are only ever owned by one SIP: before sending, they are exclusively owned by the sender, after sending, they are exclusively owned by the receiver - there is no shared memory, ever. SIPs define their messaging protocols statically, this allows the compiler to generate code that actually operates on a shared memory region. So, you effectively get the safety and semantics of message-passing shared-nothing concurrency with fully isolated processes, but with the performance characteristics of shared-mutable-memory concurrency using lightweight threads. Sadly, because of backwards-compatibility requirements with C, approaches like this never see the light of day.

You can even put a Hash in it that has an expiration time, so dangling pointers don't stick around for days and days and days.

The audio in this vid is ever so slightly out of sync, just FYI

Mint video

Random bits on an integer isn't really encryption and doesn't stop anything from looking for pointers with undefined behavior.

This has been a 'solved' problem on IBM Power for decades, in big-endian mode there are memory tagging extensions that use a hashed page table. Some other great stuff in Linux like wipe/fill on free and alloc works great on Power too. In little endian the overhead becomes heavier because check bits go at the 'wrong' end of your address so you need 'software' solutions like to XOR or put the check bits where they eat into allocatable memory. It's good that Arm are bringing this feature back into general purpose processors, it's been a thing on IBM Power for like 30 years.

Correction at 5:34: the PML4, PDPT, PD, PT tables are NOT inside the CPU! The PDB inside the CR3 register is the only thing inside the CPU that bootstraps the Virtual2Physical address translation process (apart from the general purpose register containing the virtual memory address). All the tables are inside RAM, except for the TLB cache.

5:37 bro thought he could slide that in there without us noticing

I had to comment because this is a project I worked on for awhile (not in industry, in school). I even have a verilog circuit rigged up to do just this sort of verification in "real-time" behind the scenes. Definitely a cool idea, I'd love to see it brought to fruition. As someone else mentioned there of course is overhead associated with it but there is a litany of mechanisms you can use to distribute that cost across idle cycles or preemptively as opposed to in-lining it like I was doing.

00:25 wait, YOU have to ask for money to get your files back? Isn't that the ransomer's part? 😂

Seems like this would interfere with NaN packing that many dynamically typed languages use in order to store pointers and other data types inside the diagnostic information portion of NaN floating point numbers. (Basically turning 64-bit floats that are NaN into enums that store both type information and value).

Holy shit... is signing in Ring 0. that sounds mind-blowing

5:38 Cool Babe Face 😂 I see what you did there

Ahh, I wish the title of the video was properly explored. Naturally, it does a great job explaining what pointer signing is about, but I wish there was a discussion section in the video focusing on adoption and whether it ever makes sense to sign *all* pointers. Cool topic though!

“Babyface” got me

JWT is going to be brought to the whole next level lol

Isn't this similar to what CHERI is doing? I believe CHERI is a bit more exhaustive and/but requires the software to be aware of it

Does anyone else ever fantasize about what we could do with our computers if half of our development time and half of the computational energy didn't have to be dedicated to security?

one thing people often dont know is that the absolute minimum requirement to jump to an arbitrary address (im aware of other methods, but this one is very simple) in x86. all you need is 6 bytes, equivalent to"push [32 bit address]; ret;" in assembly. this jumps to an arbitrary address, as "ret" is surprisingly more complicated than one may expect

"Hackers are everywhere" Yeah, they might even be wearing my skeleton

The pointer values are typically constrained to effective 48 bits by forcing the most significant bits to be all zeroes or all ones.

Thanks for the video - It’s a very interesting concept. My only hot take question is theoretical and perhaps naive since I’m not well versed in security - Since we expect compiled executables to be portable between machines that are of identical platform and spec, wouldn’t the executable require the decryption keys to be bundled in? And if yes, how would those be protected?

Stack limit register might have been even better option. Imagine a hidden register that could be modified only by special, for example, "branch, link and limit" instruction family, to point to address of return address value in stack and any access beyond it that is not by 'ret' instruction will generate an exception. Should be cheap to implement at hardware level and transparent to use, but hell to implement in backwards-compatible way though, since having an extra value alongside return address would definitely be an ABI-breaking change.

Once that buffer over floor has been patched, another one will crop up somewhere. That’s unfortunately life.

Reminds me of the IBM 7040 which could set a word without updating the parity bit. It was used to detect uninitialized variables.

I want my pointers to have a tracking id and signature verification... heck throw in the insurance too!

Pointer tricks like this are terrible. Back when I was putting Linux username apps to aarch64 we noticed certain apps and libraries advise the upper bits of 64bit pointers. The problem was 64bit arm was enabling 52bit addressed memory... Some super computer somewhere required that much size, but I digress... We were not able to compile things like Mozilla warez because of these clever hacks. These are nice until one day the entire address space is taken for memory. Yes people, even on 64 but machines not the entire 64 bird are given over to memory, because that's crazy talk... But every 12 years or seems two more bits go to memory. These kind of trucks will eventually be gone.

If I remember correctly, the IBM AS/400 and its descendants have done this for decades. Their pointers are extremely long. Disclaimer: my memory comes from the dim and distant past. Please correct me if I am mistaken.

Is pointer signing enough? It's still possible to do arbitrary function call: 1. Find an exploitable function. 2. Somehow read signed pointer to that function. 3. Overwrite the stack with a valid frame mimicking call to that function. 4. Overwrite LR to our signed pointer. 5. Return.

Cryptographic authentication of pointers... that's, um, interesting. Refusing to make fundamental changes to the architectures we still use leads to all kinds of delirious approaches. Completely separating return stacks from data stacks would solve 90% of all security issues due to stack corruption. You could still corrupt data, but not make the code go where it shouldn't. And if you add to that proper validation of your inputs everywhere it's at least moderately critical, you solve probably 99% of issues. There will always be this annoying 1% left, but it may be deluded to think we can get to 100% anyway. And, these changes would imply a bit more work for sure, both on CPU design and on software, so we prefer "enhanced status quo" (= do everything as usual, but with new tools).

I have been under impression that we don't access physical addresses anymore? That raises the question:does row pointers perform jump instruction to the address they point to, or they move instruction pointer to the said address?

1:02 that is not a pointer to data, that is a function pointer!

5:40 - it’s pretty common for the virtual & physical addresses to share the bottom N bits (ie. They aren’t remapped). Where N relates to the page size, as in 2^N. Your example is different - maybe you could have used 0x9e90 vs 0xface in the physical example? Actually for a 4K page side that’s just the 0xe90 part (12 bits). #JustThinkingOutLoud

Hey stupid question that you probably won't see but somewhat relevent to the video : how much of a security risk from cuda allowing to create memory buffer that is visible by both the GPU and CPU ? I'm asking myself that question because ( from my understanding) it's allocating memory and directly give access to the physical adress of the memory pointer so that both the GPU and CPU knows exactly where the data is. The gpu drivers then is supposed to keep this memory range allocated (cudaMallocHost) until you dealocate it(cudaFreeHost) ; however I remember a while back a bug that the drivers never dealocate the memory even if we deallocated the memory in the program. The result was that my benchmark program for gpu testing was able to crash a 128 GB computer with 2 xeon and 2 top of the line GPU at the time with SLI split in 2 numa banks. Also worked on a standard laptop. The test was benchmarking specifically targeting memory transfert between CPU & GPU and running it engough time it was able to reserve most of the memory to itself even after we stop the process. I followed the RAII principle using classes for all of the GPU related memory aquisition and using the standard library for anything else. I even mannaged to make a template that is able to alocate the correct type of memory for a CPU lambda that you want to send to the GPU, however the issue was still there afterwards.

when i was younger I thought for a while that signed integers have a signature (:

Interestingly I first herd about this at university, was in a security course. Didn't really go much deeper than this tbf.

I'm just learning, but would it be possible to limit the input that the user is able to input to prevent overflow before it can happen?

3:03 If hacker changed value of return address, they would do it inside of the "gets" function, meaning the "return" inside "gets" would execute malicious code, not the one inside main. That's also why I think your code at 7:12 is not secure, since you check MAC only after "gets" returns, which would be after the malicious code executes.

sounds like a lot of overhead

The really secure way to hold return pointers inside of registers instead of the stack registers, I am too lazy to search for the source but I am pretty Intel and Arm both work on this

What's the font you're using tho?

...Wouldn't shift-arithmetic on the pointer (sig = iptr >> 35) reveal it? And if the signing algo is public knowledge (it _will_ be whether it's intended or not), you could do shenanigans like (iptr = getSig(badptr)

modern CPUs and their NPUs allow direct memory access. So they seem like a perfect attack vector for privileged hardware (inside the CPU) that can run code easily... Like from a website doing some NN inference locally via webNN or something.

*_0xc00lbabeface_* you got me xD

Very cool information.

excellent video.

The Intel iAPX432 from 1981 and Capability based memory protection from the 1970s has entered the chat

Maybe I'm missing something, but what prevents an attacker from exploiting something else to get their pointer signed? The clang API has to result in actual machine code; why can't they execute the same code? I suppose that if currently, the most common path to exploitation is rop gadgets, then you can't start the execution of those via retaa. But I'll be surprised if no other path exists.

yeyeh, yubikey is awesome, but the services that don't allow you to register a second device as backup just suck.

When it comes to this types of vulnerabilities, the C/C++ was always mentioned, but I wanted to know: does programs written on Rust, Python, Javascript (Node.JS/Deno/Bun) can be hacked by changing pointers? Or those languages already used some sort of encryptions and doesn't need more protection than out-of-the-box?

I'm curious about how that signing works. Maybe it works against overwriting pointers using byte-by-byte or number over pointer writes. But I doubt it can save us from situations when code already writes pointers based on input. It sound more like randomization of memory layout, but with more predictable behavior.

20 years? We've had something more secure since 1963, and we're now starting to see it in consumer CPUs with CHERI and ARM Morello. Much stronger than simply signing a pointer, capability hardware can actually enforce memory safety (and even capability safety), and when well designed it's even faster than a traditional MMU.

Wouldn't it be simpler to just create an instruction for assigning pointer ranges (and an instruction for removing those ranges)?. The CPU can just store the addresses in a dedicated cache or dedicate a part of existing cache for the addresses. It already has something for page ranges so why not something for pointers within those pages. Personally I would like dynamic memory from malloc/new/etc to only be accessible via dedicated functions like memcpy or something. For example if you create a list with malloc the memory given should not be directly addressable but instead to get any element in the list you'd have to use memcpy to copy it into a stack variable. I'm currently designing an arena allocator with just such a property, it doesn't hand out addresses but offsets from the base address. My malloc replacement I made for testing purposes just adds the base address back because I can tell the arena on creation AND on growth that I don't want it to move. At the moment it uses actuall memory for it since I need to iron out bugs but later once I've got it working I'll convert it to a variant that uses something similar to /proc/self/mem. If I could make access to the file/pages require a key then I could protect them both from externally controlled read/writes. The problem would be how would debuggers be able to work on it then 🤔

would shadowstack achieve similar?

So if I understand correctly, it prevents bufferoverflows, but not out of bound reads or anything else. Return address spofing might also be a little bit tricky, after performing hooks.

what is your colorscheme in vim? I thought it was kanagawa but yours is more readable than mine. I mean eye friendly. Cool video. take care!!!

@lowleveltv at what point does the pointer get signed? Is there an opportunity to change the pointer at a stage before it gets signed?

I wonder if 128 bit machines are going to be come sooner than we think. If mitigations like signed pointers will become a thing, then the more bits in addresses etc, the better. The more bits for encryption, the better right? Or I guess, the better the algorithm, since FS EC is less bits than RSA right, like 256bits upwards?

Just sign every bit

Thats an interesting question

Who control the key? I need all my gigacycles.

Without watching the video, The MSB will become the signed bit. When the pointer is then passed, chaos will insue if the MSB is > 1.

If that sense, doesn't it means the "malicious pointer" still exists somewhere? So that mal-function can still have a signed pointer? How signing the pointer helps in that sense?

When they inject instructions, couldn't they just remove the authentication instructions since they're changing code paths anyway

You didn't mention one of the most important mitigations against buffer overflow vulnerabilities that would thwart this attack if it wasn't already, which I found quite disappointing from you. ASLR is enabled by default on Linux and basically all modern operating systems and randomizes where functions and ROP gadgets are, with this enabled, an attacker can't just disassemble the program, find the address of the function or ROP gadget you want to execute (in this case evil function), because the location and addresses of everything is randomized during runtime, which will likely result in the attack attempt getting a SEGV. Unless you can find a way to leak the ASLR base address, you're out of luck as an attacker.

stdio means standard data input output / standard input output

MTE (memory tagging extension) and memseal (make memory essentially unmodifiable) are better approaches to exploit protection in my opinion

btw what neovim are you using?, coloruscheme looks great

Firstly, as someone has said, I wonder what kind of impact this has on code execution. Because this is entirely done in hardware, from what I've read, I think the performance might not be that bad. However, I also KNOW that this kind of pointer authentication has already been successfully bypassed. Moreover, if you can modify the return address, there's a high likelihood that someone can modify retaa so that it returns without authentication.

Could you explain how triggering exceptions, like the hypervisor, changes execution states? Moving memory accesses that aren't already in the currently running program's address space should cause an exception that is on a hardware-enforced security measure, at the operating system level. ZEN Project comes to mind, but not sure if they actually use that mechanism. Most hardware has had unused VT hardware that has gone unused, because operating systems programmers felt it was unnecessary. I'm not so sure of that, but if what I imagine is true, then it would make a whole lot of old tech already a viable option for a more secure operating system without glow worms up in yo sheeeeeeeeeeit. Stay frosty, pals.

Which theme do you use in your vim editor

didnt the xbox 360 had something similar where the cache was used to hold the signature of the memory to detect tampering?

What would stop the hacker just overflowing the buffer to replace `retaa` with `ret`?

Signed pointers seems like a great idea, if only you didn't have to do it yourself in the source code. A compiler extension would be better.

thank you

16 bits is very small for a MAC, what's to stop the attacker from just brute forcing it?

I feel like I am missing something. Would it not be possible to "fix" the pointer by overwriting it with the original address before "retaa"?

What if RET wasn't "JMP RSP"

Hmm sort of a rare use case that will make code overall way slower than what one would possibly want.

The CPU architecture, the Arm AArch64, specifically offers the Memory Tagging Extension (MTE) feature. MTE is available in some newer Arm processors, such as those used in mobile devices with Armv8.5-A or later. This is a hardware enforced pointer enforcement that works with supported software. In the Armv8.3-A architecture, Arm introduced Pointer Authentication (PAC), which provides a mechanism to detect and prevent certain types of attacks that exploit code reuse, such as return-oriented programming (ROP) While PAC uses a cryptographic property for each memory address. MTE does not use encryption which makes it vulnerable to hardware attacks.

Lol, we already have shadow stacks? This would be way slower

I wonder how this handles systems where the programmer i.e. has an array of some struct referenced by a char pointer add 3*sizeof(the_struct) to some position in the array to get the bytes of the 4th struct instance in the array after the current pointer.

Isn't this the same exact mechanism targeted by the PACMAN exploit for M1 macs? Did ARM fix the vulnerability?

Memprotect is broken and will be fixed… with all pages handling user input permanently marked as non-executable in addition with a memory safe language there is much security to be gained. Hashing pointers needs hardware AND compiler support, it‘s going to take time.

I don't agree. I feel we need a new executable format entirely with a new kernel memory layout that is more secure. PE/COFF and ELF both came out around 1992 or 1993. about 64 bit. aren't our CPUs 48 bit or 57 bit for practical reasons?

Thats the drawback when going from CISC to RISC. This could be easily handled hardwired or in Microcode. Now we have to take all this shit

Okay, but did you see the Reddit post of the guy that bypassed his Yubikey with a paperclip and a piece of aluminum foil?

ARM already has similar spec called "memory tagging extension" what is advantage of this approach vs mte ?

So the real question is how good is the hashing function that you can't recover the key just from leaking 2 or 3 pointers. As it seems that there will be a compromise between this and execution speed, I fear the worst...

See MIT's PACMAN attack paper from 2022.