Dead store elimination (still) considered harmful

Zhaomo Yang, Brian Johannesmeyer, Anders Trier Olesen, Sorin Lerner, Kirill Levchenko

Research output: Chapter in Book / Report / Conference proceeding, Conference contribution, Academic, peer-review

Abstract

Dead store elimination is a widely used compiler optimization that reduces code size and improves performance. However, it can also remove seemingly useless memory writes that the programmer intended to clear sensitive data after its last use. Security-savvy developers have long been aware of this phenomenon and have devised ways to prevent the compiler from eliminating these data scrubbing operations. In this paper, we survey the set of techniques found in the wild that are intended to prevent data-scrubbing operations from being removed during dead store elimination. We evaluated the effectiveness and availability of each technique and found that some fail to protect data-scrubbing writes. We also examined eleven open source security projects to determine whether their specific memory scrubbing function was effective and whether it was used consistently. We found four of the eleven projects using flawed scrubbing techniques that may fail to scrub sensitive data and an additional four projects not using their scrubbing function consistently. We address the problem of dead store elimination removing scrubbing operations with a compiler-based approach by adding a new option to an LLVM-based compiler that retains scrubbing operations. We also synthesized existing techniques to develop a best-of-breed scrubbing function and are making it available to developers.

Original language: English
Title of host publication: Proceedings of the 26th USENIX Security Symposium
Publisher: USENIX Association
Pages: 1025-1040
Number of pages: 16
ISBN (Electronic): 9781931971409
Publication status: Published - 1 Jan 2017
Externally published: Yes
Event: 26th USENIX Security Symposium - Vancouver, Canada
Duration: 16 Aug 2017 to 18 Aug 2017

Publication series

Name: Proceedings of the 26th USENIX Security Symposium

Conference

Conference: 26th USENIX Security Symposium
Country/Territory: Canada
City: Vancouver
Period: 16/08/17 to 18/08/17
