WO2022135686A1

WO2022135686A1 - Method for securing a computing device from memory corruption and computing device

Info

Publication number: WO2022135686A1
Application number: PCT/EP2020/087576
Authority: WO
Inventors: Carlos CHINEA PEREZ
Original assignee: Huawei Technologies Co., Ltd.
Priority date: 2020-12-22
Filing date: 2020-12-22
Publication date: 2022-06-30

Abstract

A method for securing a computing device from memory corruption includes selecting a first register in a register bank of the computing device. A first message authentication code is generated for a first register value stored in the first register, and the generated first message authentication code is stored into a second register. The first register value and the first message authentication code are pushed into the memory of the computing device. The pushed first message authentication code is reloaded to a third register and the pushed first register value is reloaded to a fourth register from memory. A second message authentication code is calculated from the reloaded first register value. The second message authentication code and the reloaded first message authentication code are compared, and further execution of program code is aborted if the second message authentication code does not match the reloaded first message authentication code.

Description

METHOD FOR SECURING A COMPUTING DEVICE FROM MEMORY CORRUPTION AND COMPUTING DEVICE

TECHNICAL FIELD

[0001] The present disclosure relates generally to the field of storage systems and computer security and, more specifically, to methods and computing devices for securing computing devices from memory corruption.

BACKGROUND

[0002] Malicious attacks against computing systems have become relentless in recent years. In the computing devices that execute software, the most common attack method is to exploit memory corruption vulnerabilities. In computing devices, typically all computations are register-driven, i.e., a machine code that defines a software program involves moving information between registers and memory (e.g. memory addresses) and performing arithmetic or logical operations on those registers. Generally, there is a limited resource in terms of number of registers available in register banks (e.g. processor registers). Thus, when a compiler translates a programming language into a machine code, one of the problems to consider is register assignment, i.e., which local and global data or pointers get to occupy which register at what point of time. Depending on the machine code that is being compiled, a conventional computing device may face high register pressure, i.e., the size of the register bank is simply too small to hold all the values the compiler might want to maintain in registers at a given point of the program during its execution. When this happens, a conventional computing device (e.g. a compiler) must resort to a process called register spilling, i.e., some register contents must be temporarily moved, i.e., spilled, to memory, even though the computation with those values likely is not completed yet, to make space for other values (to be moved in from memory) that are more urgently needed for computation at this specific location in the code. Typically, at a later point in time, the temporarily spilled data must be read back, to complete the original computation.

[0003] Besides register pressure, application binary interface (ABI) conformance may also force the conventional computing device to move (i.e. spill) register values into the memory. For example, the ABI can define a subset of registers, the values of which, if used in a function, need to be saved and restored, before and after execution of the function, to ensure correct execution of the program on function calls. Typically, a programmer has little control or no control on the register spills and, in many cases, may not even be aware that a certain variable was spilled temporarily into a stack (i.e. a linear data structure which follows a specific order in which the operations are performed) in memory. This behavior, combined with a memory corruption attack on the stack, may put at risk sensitive data that is otherwise thought to be safe. Thus, in conventional computing devices, an attacker may exploit memory corruption vulnerabilities by installing a memory corruption bug on register spills, which is not desirable.

[0004] Currently, some mechanisms have been proposed to protect data integrity in the stack, for example, stack canaries, shadow stack, and pointer authentication mechanisms. In an example, the stack canaries refer to a mechanism where an integer value (known as a canary value or simply canaries) is injected in every stack frame to detect a stack buffer overflow. Generally, canaries are intended to protect a whole stack frame (with several values) and rely on the fact that any changes on the stack frame will likely modify the canaries. However, an attacker, by using a malicious code, may control the location to write (e.g. may take control of an index) and may then specifically change the location without changing the canary. Further, if the value of the canary is leaked (i.e. becomes accessible), the attacker can then change any value in the stack, thereby causing memory corruption. In other words, the stack canaries may fail to detect any targeted change by an attacker.

[0005] In another example, the shadow stack refers to a mechanism where a second stack (i.e. a shadow stack) is created in a secret location in memory which stores return addresses (memory addresses) from the original stack. When a program function returns, the return address is taken from the shadow stack, instead of the original stack. This prevents an attacker from taking control of the flow of execution using a buffer overrun, because the return address is stored in another location. However, in this case, the location of the shadow stack needs to be kept secret and protected, which is again computational resource intensive and cost intensive. Otherwise, an attacker can change the shadow attack in a similar fashion as a normal stack.

[0006] In yet another example, the pointer authentication mechanism refers to a mechanism that is designed to enforce integrity of pointers, where some unused bit of a pointer is used to store an authentication code. The pointer authentication mechanism is targeted to protect only pointers (i.e. registers containing memory addresses), but it cannot protect registers holding data (any value) in general. In other words, the malicious attacks that exploit memory corruption vulnerabilities may leak vital information like the secret canary or the secret address where the shadow stack is located or may corrupt the registers holding data. Thus, the existing mechanisms, methods, or systems fail to provide adequate security to a conventional computing device from memory corruption.

[0007] Therefore, in light of the foregoing discussion, there exists a need to overcome the aforementioned drawbacks associated with conventional computing devices and methods for securing computing devices from memory corruption.

SUMMARY

[0008] The present disclosure provides a method for securing a computing device from memory corruption. The present disclosure further provides a computing device that is secured from the memory corruption. The present disclosure provides a solution to the existing problem of inadequate security and risk to a computing device from memory corruption (e.g. an attacker exploiting memory corruption vulnerabilities by installing a memory corruption bug on register spills). An objective of the present disclosure is to provide a solution that overcomes at least partially the problems encountered in the prior art, and to provide an improved method and computing device that adequately secures the computing device from memory corruption (e.g. prevents exploitation of memory corruption vulnerabilities, such as caused by using memory corruption bug on register spills).

[0009] One or more of the objectives of the present disclosure is achieved by the solutions provided in the enclosed independent claims. Advantageous implementations of the present disclosure are further defined in the dependent claims.

[0010] In one aspect, the present disclosure provides a method for securing a computing device from memory corruption, the computing device comprising a register bank, a memory, and a computing module for executing a program code. The method comprises selecting a first register in the register bank, generating a first message authentication code for a first register value stored in the first register, and storing the generated first message authentication code to a second register of the register bank. The method further comprises pushing the first register value stored in the first register and the first message authentication code stored in the second register into the memory. The method further comprises reloading the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory. The method further comprises calculating, from the reloaded first register value, a second message authentication code, and comparing the calculated second message authentication code and the reloaded first message authentication code. The method further comprises aborting a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code.

[0011] The method of the present disclosure provides an effective and adequate security to the computing device from the memory corruption. The method prevents any exploitation of memory corruption vulnerabilities, such as caused by using memory corruption bug by an attacker on register spills (i.e. register values that are spilled to the memory). The method generates and stores a message authentication code with the register value during its spilling into the memory. Further, the message authentication code is recalculated and compared with previous message authentication code upon reloading of the register value to determine any modification made in the register value during spilling. Beneficially, the execution of the program code is aborted upon detection of aforesaid modification to protect the computing device from memory corruption. The method provides a capability to the computing device to protect not only the registers that contains memory addresses but can also protect registers holding data (i.e. any value) in comparison to conventional technologies, which protect only addresses to to some to some extent. Advantageously, the method provides a finer protection at the register level, e.g., it protects values of register spills, in contrast to a coarse protection offered by conventional technologies. As a result, the method significantly improves the security of the computing device against malicious attacks that exploit memory corruption vulnerabilities.

[0012] In an implementation form, the selecting of the first register in the register bank comprises estimating whether a number of registers in the register bank is insufficient to store a given number of register values at a given time during execution of the program code.

[0013] Beneficially, the estimation further enables the method to selectively monitor the register value(s) during spilling in the memory and protects the computing device from memory corruption.

[0014] In a further implementation form, selecting of the first register in the register bank further comprises determining that the first register value stored in the first register is required to be pushed in the memory.

[0015] The determination that the first register value stored in the first register is required to be pushed in the memory enables in proactively making space in the register bank for computation of other values.

[0016] In further implementation form, the generating of the first message authentication code comprises using a salt value and a cryptographic key to generate the first message authentication code for the first register value, wherein the cryptographic key is associated with a defined privilege level in the computing device to secure the cryptographic key.

[0017] The salt value concatenated with the cryptographic key enables generating the message authentication code. Moreover, the cryptographic key is associated with a defined privilege level in the computing device to secure the cryptographic key. In other words, the method does not rely on keeping secrets (e.g. the cryptographic key in this case) at the same privilege level of the register values or memory locations, like the conventional technologies, such as the stack canaries or shadow stack. As a result, the method provides a capability to the computing device to be immune to attacks that can read any memory location in the same privilege level.

[0018] In a further implementation form, the method further comprises continuing a further execution of the program code if, based on the comparison, the calculated second message authentication code matches the reloaded first message authentication code.

[0019] By virtue of comparison between the calculated second message authentication code and the reloaded first message authentication code, the method of the present disclosure determines if the register value is attacked and manipulated in the memory. If, based on the comparison, the calculated second message authentication code and the reloaded first message authentication code are the same, the program code is further executed, else the program code is aborted, thereby safeguarding the computing device from memory corruption.

[0020] In a further implementation form, the method further comprises determining, based on a preconfigured setting in the computing device, whether to secure all register values pushed into the memory or to secure one or more register values stored in corresponding registers of the register bank that are marked to be secured.

[0021] By virtue of the preconfigured setting in the computing device, the method provides a flexibility in terms of default selection to secure all register values pushed into the memory or to secure only designated register values stored in corresponding registers that are marked to be secured.

[0022] In a further implementation form, the first register is a callee-saved register.

[0023] The callee-saved register is a register whose register value needs to be protected from an attack during spilling of the register value. The callee-saved register is selected to generate the message authentication code for the register value and abort the execution of program code if there is any modification in value of the callee-saved register to protect computing device from memory corruption.

[0024] In a further implementation form, the second message authentication code is stored in a fifth register.

[0025] The second message authentication code is stored in the fifth register to enable comparison with reloaded first message authentication code stored in the fourth register. Further, based on the comparison, the program code can be aborted dynamically and effectively in real time or near-real time if there is any mismatch between the second message authentication code and the reloaded first message authentication code.

[0026] In another aspect, the present disclosure provides a computing device, comprising a register bank, a memory, and a processor for execution of a program code. The processor is configured to select a first register in the register bank, generate a first message authentication code for a first register value stored in the first register, and store the generated first message authentication code to a second register of the register bank. The processor is further configured to push the first register value stored in the first register and the first message authentication code stored in the second register into the memory. The processor is further configured to reload the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory, and calculate, from the reloaded first register value, a second message authentication code. The processor is further configured to compare the calculated second message authentication code and the reloaded first message authentication code, and abort a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code.

[0027] The computing device of the present disclosure provides an effective and adequate security from the risk of memory corruption of the computing device at the time of execution of a program code. The computing device prevents exploitation by an attacker who may install a memory corruption bug on register spills. The computing device, via the processor, generates and stores a message authentication code with the register value during its spilling into the memory. Further, the message authentication code is recalculated and compared, by the processor, with the previous message authentication code upon reloading of the register value to determine any modification made in the register value during spilling. Beneficially, the processor aborts execution of the program code upon detection of aforesaid modification to protect the computing device from memory corruption. The computing device protects not only the registers that contain memory addresses but can also protect registers holding data (i.e. any value) in comparison to conventional technologies, which protect only addresses to some extent. Advantageously, the computing device provides a finer protection at the register level (e.g. protects values of register spills) in contrast to a coarse protection offered by conventional technologies, and significantly improves security against malicious attacks that exploits memory corruption vulnerabilities.

[0028] In an implementation form, the processor is further configured to estimate whether a number of registers in the register bank is insufficient to store a given number of register values at a given time during execution of the program code for the selection of the first register in the register bank.

[0029] Beneficially, the estimation further enables the processor to selectively monitor the register value(s) during spilling in the memory and protects the computing device from memory corruption.

[0030] In a further implementation form, the processor is further configured to determine that the first register value stored in the first register is required to be pushed in the memory for the selection of the first register in the register bank.

[0031] The determination that the first register value stored in the first register is required to be pushed in the memory enables proactively making space in the register bank for computation of other values, and avoids crash during installation of the program code.

[0032] In a further implementation form, the processor is further configured to use a salt value and a cryptographic key to calculate the first message authentication code for the first register value for generation of the first message authentication code, wherein the cryptographic key is associated with a defined privilege level in the computing device to secure the cryptographic key.

[0033] As the salt value (e.g. a defined value) is concatenated with the cryptographic key, an extra level of security is provided to generate the message authentication code. Moreover, the cryptographic key is associated with a defined privilege level (e.g. a different privilege level than privilege level of memory locations where register values are stored). Thus, the computing device does not rely on keeping secrets (e.g. the cryptographic key in this case) at the same privilege level of the register values or memory locations, like the conventional technologies, such as the stack canaries or shadow stack. As a result, the computing device is immune to attacks that can read any memory location in the same privilege level. [0034] In a further implementation form, the processor is further configured to continue a further execution of the program code if, based on the comparison, the calculated second message authentication code matches the reloaded first message authentication code.

[0035] By virtue of comparison between the calculated second message authentication code and the reloaded first message authentication code, the processor determines if the register value is attacked in the memory. If, based on the comparison, the calculated second message authentication code and the reloaded first message authentication code are the same, the program code is further executed by the processor, thereby safeguarding the computing device from memory corruption.

[0036] In a further implementation form, the processor is further configured to determine, based on a preconfigured setting in the computing device, whether to secure all register values spilled into the memory or secure one or more register values stored in corresponding registers of the register bank that are marked to be secured.

[0037] By virtue of the preconfigured setting in the computing device, selection can be made of the register value which specifically needs to be protected when pushed into the memory. As a result, message authentication code of only such registers is calculated to protect the computing device from memory corruption, thereby saving additional computational resources.

[0038] In a further implementation form, the first register is a callee-saved register.

[0039] The callee-saved register is a register whose register value needs to be protected from an attack when spilled into the memory. The callee-saved register is selected to generate the message authentication code for the register value of the callee-saved register and abort the execution of program code if there is any modification of callee-saved register to protect computing device from memory corruption.

[0040] In a further implementation form, the calculated second message authentication code is stored in a fifth register.

[0041] The calculated second message authentication code is stored in the fifth register to enable the processor to compare the calculated second message authentication code with the reloaded first message authentication code stored in the fourth register. Thus, based on the comparison, the program code can be aborted dynamically and effectively in real time or near-real time if there is any mismatch between the second message authentication code and the reloaded first message authentication code. [0042] In yet another aspect, the present disclosure provides a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computing device comprising a processor to execute aforementioned method.

[0043] The computer program product of the present disclosure achieves all the advantages and effects of the aforementioned aspects.

[0044] It will be appreciated that all implementation forms discussed hereinabove can be combined. It has to be noted that all devices, elements, circuitry, units and means described in the present application could be implemented in software or hardware elements or any kind of combination thereof. All steps which are performed by the various entities described in the present application, as well as the functionalities described to be performed by the various entities, are intended to mean that the respective entity is adapted to or configured to perform the respective steps and functionalities. Even if, in the following description of specific embodiments, a specific functionality or step to be performed by external entities is not reflected in the description of a specific detailed element of that entity which performs that specific step or functionality, it should be clear for a skilled person that these methods and functionalities can be implemented in respective software or hardware elements, or any kind of combination thereof. It will be appreciated that features of the present disclosure are susceptible to being combined in various combinations without departing from the scope of the present disclosure as defined by the appended claims.

[0045] Additional aspects, advantages, features and objects of the present disclosure would be made apparent from the drawings and the detailed description of the illustrative implementations construed in conjunction with the appended claims that follow.

BRIEF DESCRIPTION OF THE DRAWINGS

[0046] The summary above, as well as the following detailed description of illustrative embodiments, is better understood when read in conjunction with the appended drawings. For the purpose of illustrating the present disclosure, exemplary constructions of the disclosure are shown in the drawings. However, the present disclosure is not limited to specific methods and instrumentalities disclosed herein. Moreover, those in the art will understand that the drawings are not to scale. Wherever possible, like elements have been indicated by identical numbers. [0047] Embodiments of the present disclosure will now be described, by way of example only, with reference to the following diagrams wherein:

FIG. 1A and FIG. 1 B, collectively, illustrate a flowchart of a method for securing a computing device from memory corruption, in accordance with an embodiment of the present disclosure;

FIG. 2 is an illustration of exemplary components of a computing device, in accordance with an embodiment of the present disclosure;

FIG. 3 is an illustration of an exemplary scenario for implementation of the method for securing a computing device from memory corruption, in accordance with an embodiment of the present disclosure;

FIG. 4 is an illustration of an exemplary program code section executed to secure a computing device from memory corruption, in accordance with an embodiment of the present disclosure; and

FIG. 5 is an illustration of an exemplary assembly code executed to secure a computing device from memory corruption, in accordance with an embodiment of the present disclosure.

[0048] In the accompanying drawings, an underlined number is employed to represent an item over which the underlined number is positioned or an item to which the underlined number is adjacent. A non-underlined number relates to an item identified by a line linking the nonunderlined number to the item. When a number is non-underlined and accompanied by an associated arrow, the non-underlined number is used to identify a general item at which the arrow is pointing.

DETAILED DESCRIPTION OF EMBODIMENTS

[0049] The following detailed description illustrates embodiments of the present disclosure and ways in which they can be implemented. Although some modes of carrying out the present disclosure have been disclosed, those skilled in the art would recognize that other embodiments for carrying out or practicing the present disclosure are also possible.

[0050] FIG. 1A and 1 B collectively illustrate a flowchart of a method 100 for securing a computing device from memory corruption, in accordance with an embodiment of the present disclosure. The method 100 is executed at a computing device described, for example, in FIG. 2. The method 100 includes steps 102, 104, 106, 108, 110, 112, and 114. [0051] At step 102, the method 100 comprises selecting a first register in a register bank. The register bank includes a plurality of registers, where each register is configured to store a register value of n-bits (e.g. a data value or an address) during execution of a program code in the computing device. The plurality of registers of the register bank provides quickly accessible storage location, for example, to a processor of the computing device. In an example, the plurality of registers is used to store and transfer data and instructions that is used during execution of the program code by the processor of the computing device. The first register is selected to monitor the contents of first register for any modifications to secure the computing device from memory corruption during execution of the program code.

[0052] Typically, all computations of the computing device are register-driven (i.e. a machine code that defines the program code in the computing device involves moving information between registers and a memory (addresses) of the computing device, and also involves performing arithmetic or logical operations on those registers. For example, in Reduced Instruction Set Computer (RISC) processors there are typically several general- purpose registers in their register banks. However, due to insufficient storage space of the registers, generally data or instructions stored in some registers of the register bank is transferred to a different location (that is the memory of the computing device) while executing the program code. Generally, there is a limited resource in terms of number of registers available in register banks (e.g. processor registers), and the computing device may perform a process called register spilling, in which some register contents is temporarily moved (i.e. spilled) to the memory of the computing device from the register bank to make space for other values (to be moved in from memory) that are more urgently needed for computation at this specific location in the code. Besides, register pressure, application binary interface (ABI) conformance may also force the computing device to move (i.e. spill) register values into the memory. Typically, a programmer has little control or no control on the register spills and in many cases may not even be aware that certain variable was spilled temporarily into a stack of the memory. The stack refers to a linear data structure which follows a specific order in which the operations are performed in the memory.

[0053] In contradiction to the conventional methods, the method 100 of the present disclosure secures the computing device from memory corruption and prevents any exploitation of memory corruption vulnerabilities, such as caused by using memory corruption bug by an attacker on register spills (i.e. register values that are spilled to the memory). The term memory corruption refers to any modification that are made, by an unauthorized user, in a program code that changes contents of memory location in the program code. Such memory corruption is undesirable. The computing device of the present disclosure includes the register bank, the memory and a computing module for executing the program code. The memory is configured to receive the data or instructions that are transferred from the registers of the register bank. The memory may be a persistent or a non-persistent memory. The memory includes one or more memory stacks (simply referred to as stacks). The computing module is configured to execute the program code in the computing device. The computing module refers to a processor, described in detail, for example, in FIG. 2.

[0054] According to an embodiment, the selecting the first register in the register bank comprises estimating whether a number of registers in the register bank is insufficient to store a given number of register values at a given time during execution of the program code. Such estimation is performed by determining a maximum possible number of registers which will be required for executing the program code at a given time. Further, the maximum possible number of required registers is compared with the number of registers in the register bank. If the maximum possible number of required registers is more than or equal to the number of registers in the register bank, the number of registers in the register bank is sufficient. If the maximum possible number of required registers is less than the number of registers in the register bank, the number of registers in the register bank is insufficient. Further, if the number of registers in register bank is insufficient then the contents of the one or more registers is transferred to a different location (e.g. the memory) during executing of the program code.

[0055] According to an embodiment, the selecting the first register in the register bank further comprises determining that the first register value stored in the first register is required to be pushed in the memory. Based on the estimation whether the number of registers in register bank are sufficient or insufficient, if the number of registers is insufficient, the first register value (i.e. content) in the first register is identified to be pushed into the memory. As a result, the first register has empty space to occupy a different register value for the execution of the program code.

[0056] According to an embodiment, the first register is a callee-saved register. The term callee-saved register refers to a register used by a function, where register value (i.e. content) of the register needs to be preserved during execution of the program code. In other words, the callee-saved register is a register that a function (e.g. a program function) needs to preserve its value during its execution. This is done by saving a copy of the original register value when entering the function in the memory (into a stack) of the computing device and restoring the register value from memory when exiting the function.

[0057] At step 104, the method 100 comprises generating a first message authentication code for a first register value stored in the first register. In an implementation, when the computing device (specifically, a compiler of the computing device) has decided to spill a register such as the first register, the computing device generates a code to save the first register value and restore the first register value when needed. The present disclosure changes spill generation stages of the compiler by inserting an authentication code (i.e. a message authentication code) along with the code to save and restore the register to/from the memory. Beneficially, the message authentication code is unforgeable. The message authentication code is also referred as MAC. The MAC such as the first message authentication code is stored in the memory along with the spilled register such the first register value. In an example, the computing device causes its compiler to provide instructions to generate the first message authentication code. In an example, the message authentication code is generated based on dedicated instruction and keys (cryptographic keys) that are protected in another higher level (or protected with the help of higher privileged level). In another example, an additional software may be used for generation of the message authentication code.

[0058] According to an embodiment, the generating the first message authentication code comprises using a salt value and a cryptographic key to generate the first message authentication code for the first register value, wherein the cryptographic key is associated with a defined privilege level in the computing device to secure the cryptographic key. In an example, the salt value is potentially a defined value, such as a known value or a prespecified value. In another example, the salt value may be an additional value, such as a stack address where the spill is located, a function identity (ID), a combination of both, or other specified alphanumeric (or numeric) values. As the salt value is concatenated with the cryptographic key, this provides an extra level of security to generate the message authentication code. Moreover, the computing device, using its operating system, generally randomly chooses a secret cryptographic key every time the method is executed, and thus having a fixed or known salt value do not have any adverse impact on security. It is to be understood by a person of ordinary skill in the art that the salt value can be generated on run time (e.g. during compilation time) without limiting the scope of the disclosure, however, such run time generation, although possible, may increase some complexity in terms of storing the random value. Each of the salt value and the cryptographic key are concatenated together and processed with a cryptographic hash function to form the message authentication code. The first message authentication code is stored in the first register instead of directly storing the cryptographic key. As a result, the cryptographic key is protected from any attacks made to corrupt the data during storage of register value in memory upon spilling of the register. [0059] At step 106, the method 100 comprises storing the generated first message authentication code to a second register of the register bank. The second register in which the generated first message authentication code is stored is different from the first register in which the first register value is stored. The generated first message authentication code is stored in the second register to enable transferring of the first message authentication code along with the first register value to the memory of the computing device. In an example, the generated first message authentication code is stored to the second register to enable associating the first message authentication code with the first register value in the memory and identifying the first message authentication code upon restoring of the first message authentication code and the first register value from the memory. In another example, instead of using two registers (i.e. the first register to store the register value and the second register to store the generated first message authentication code), a single register, such as the first register is potentially used. In such a case, the second register is same as the first register. For instance, the register value in the first register is potentially first pushed into the stack (stack in memory), and then the first message authentication code is calculated, where the first register then can be used as a source as well as a destination register. This will clobber (i.e. overwrite or remove) the original register value in the first register with the first message authentication code (MAC) value, but this is not an issue as the register value is already stored in the memory (and as previous value of the first register becomes clobbered (i.e. removed) anyway for another computation). Thereafter, the first message authentication code (MAC) value MAC currently in the first register is then also pushed to the memory. Thus, in this way it is possible to use only one register instead of two.

[0060] At step 108, the method 100 comprises pushing the first register value stored in the first register and the first message authentication code stored in the second register into the memory. The register values are temporarily pushed (i.e. spilled) to the memory (even though the computation with those values likely is not completed yet) to make room for other values (to be moved in from memory) that are more urgently needed for computation at this specific location in the code due to register pressure. Later, the spilled register values are read back, to complete computation of the program code. Moreover, besides, register pressure, Application Binary Interface (ABI) conformance, can also force the compiler to push register values into the memory. For example, the ABI can define a subset of registers, which if used in a function, their values need to be saved and restore, before and after execution of the function, to ensure correct execution of program on function calls.

[0061] The pushing of the first register value and the first message authentication code is also referred to as spilling of a given register. The first register value is pushed into the memory as the number of registers of the register bank are less in comparison to number of register values required for execution of the program code. In an example, the computing device is configured to provide instructions to push the first message authentication code stored in the second register into the memory. The pushing of the first message authentication code along with the first register value ensure that if there is any tampering of the first register value in the memory it can be detected by recalculating of the message authentication code and comparing with the first message authentication code pushed in the memory. In an example, the first register value and the first message authentication code are inserted, stored and retrieved in the memory in a First In First Out (FIFO) format. In such an example, the first register value is inserted first into the memory and the first message authentication code is inserted second into the memory. At a time of restoring, the first register value is restored first and the first message authentication code is restored second. In another example, the first register value and the first message authentication code are inserted, stored and retrieved in the memory in a Last-In First-Out (LIFO) format. In such an example, the first register value is inserted first into the memory and the first message authentication code is inserted second into the memory. At a time of restoring, the first message authentication code is restored first and the first register value is restored second.

[0062] Typically, a programmer has little control or no control on the register spills and in many cases the programmer may not even be aware that certain variable was spilled temporarily into the memory stack. This combined with a memory corruption attack on the memory stack, can put at risk sensitive data that the programmer thought to be safe. The table 1 below illustrates an exemplary code. The exemplary code indicates how values can temporarily be spilled at a given point due to register pressure or ABI conformance. A buffer overflow during execution can allow an attacker to change the value of spilled values, while stored on the stack.

Table 1

Beneficially, the method 100 of the present disclosure protects the computing device from such memory corruptions.

[0063] At step 110, the method 100 further comprises reloading the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory. The first message authentication code that is associated with the first register value are reloaded from the memory to designated registers of the register bank. In this case, the pushed first message authentication code is reloaded to the third register and the first register value is reloaded to the fourth register. In an example, the computing device is configured to provide instructions for reloading (i.e. restoring) of the first register value along with the first message authentication code. In an example, the first register value is reloaded after two or more registers in the register bank are empty and free for receiving data. The first register value is reloaded to enable execution of the program code via the register values stored in registers of the register bank. Moreover, other register values and their respective message authentication code are potentially also reloaded. In an example, such other register values are reloaded consecutively after reloading of the first register value.

[0064] At step 112, the method 100 further comprises calculating a second message authentication code from the reloaded first register value. In an example, the computing device provides instructions to generate the second message authentication code. The message authentication code of the first register value is recalculated after reloading of the first register value to determine if the first register value is changed or tampered when stored in the memory. The second message authentication code is generated in a similar way as the generation of the first message authentication code.

[0065] According to an embodiment, the second message authentication code is stored in a fifth register. At this point, the first message authentication code is present in the third register, the pushed first register value is present in the fourth register, and thus the calculated second message authentication code is stored in another register, such as the fifth register. In an implementation, the second message authentication code is stored in the fifth register of the register bank to enable association of the second authentication code with the reloaded first register value and the first message authentication code. [0066] It is to be noted that the first register and the second register of the register bank can be reused as the third register, the fourth register, or the fifth register. This is due to the fact that when the register values from the first register and the second register have been pushed into the memory, the registers (i.e. the first register and the second registers) are empty and if still available when reloading values, same physical registers (i.e. the first register and the second register) can be used. In other words, in an implementation, there is no need to have five registers, and that three or four registers may be adequate to implement the method 100. Thus, in an implementation, the third register is physically a same register as of the second register to store the first message authentication before reloading and after reloading. Similarly, the fourth register and the first register are physically a same register configured to store the first register value before and after reloading.

[0067] In an implementation, it is possible to use only two registers, instead of three when checking the integrity of a register value. For example, the trick is to load the original register value and the associated message authentication code (MAC) into two registers (e.g. the first register and the second register). Then, the message authentication code is potentially recalculated based on the original register value, where the recalculated message authentication code (i.e. result) is stored in the same register that is used to store the original register value. For instance, if the first register has the register value and the second register has the message authentication code, the first register can be used to store the recalculated message authentication code (i.e. the second message authentication code). Then, the comparison between the two message authentication codes in the two registers may be executed. In case of success, the original register value from the memory is reloaded into its associated register (e.g. the first register). However, in some scenarios, in this approach of using two registers only, especially, in multi-threading environments, there may be a potential Time-of-Check Time-of-Use (TOCTOll) challenge, where a malicious controlled thread may overwrite the original register value exactly when the integrity is being checked. This means that the operation of checking (or comparison) can be a success, but a different value may be loaded from memory at the end of checking. In other words, this approach may open a possibility of a race condition (known in the art), especially in multi-thread words. Thus, it is to be understood by a person of ordinary skill in the art that it is still possible to use only two registers, instead of three or more than three when checking the integrity of a register value, without limiting the scope of the disclosure. Although, using two registers in some scenarios, like in multi-threading environments, there may be a potential TOCTOll challenge.

[0068] At step 114, the method 100 further comprises comparing the calculated second message authentication code and the reloaded first message authentication code. The comparison of the two message authentication codes generated before and after reloading of the first register value enables to validate the reloaded first register value. The comparison enables in determining if there was any manipulation of the first register value, for example, due to malicious attacks on the memory which may have been modified or tampered the previously spilled first register value in the memory. Such modification or tampering are accurately detected based on the comparison to protect the computing device from memory corruption. Beneficially, the method protects integrity of the register values temporarily spilled into the memory via such comparisons. In an example, if there is an attack on the spilled register value (i.e. the first register value) stored in the memory, the calculated second message authentication code is different from the first message authentication code. In another example, if there is no attack on the spilled register value stored in the memory, the calculated second message authentication code is same as the first message authentication code, and integrity is confirmed. In an example, the computing device provides instructions for validation of the register value by comparing the second message authentication code and the first message authentication code.

[0069] At step 116, the method 100 further comprises aborting a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code. The mismatch of the second message authentication code with respect to reloaded first message authentication code indicates that the first register value was modified in the memory, for example, due to a malicious code or any memory corruption attack. The program code is aborted so that a further execution of the program code is stopped to protect the computing device from memory corruption. In other words, the method prevents further execution of program code when integrity check fails. For example, the modification of the first register value in the memory may result in the hardware or software failures in the computing device, deletion of crucial data, hacking of data in the computing device. In an example, if the validation of the reloaded first register value by comparing the first message authentication code and the second authentication code fails, the computing device (e.g. using compiler) is configured to provide instructions so that the program code execution is aborted in a controlled manner.

[0070] Beneficially, the method 100 of the present disclosure provides a finer protection, in contrast to a coarse protection offered by conventional technologies (such as a stack canary). If an attacker modifies the value of the register that is spilled, the change will be detected, as the recalculated message authentication value will mismatch with the message authentication value stored in the memory. Beneficially, the method 100 also protects the registers storing data as well as registers storing addresses in contrast to conventional technologies, (such as pointer authentication) that protects only pointers (addresses). Furthermore, beneficially, the present disclosure, does not rely on keeping secrets at the same privilege level, like in conventional technologies (such as stack canaries or shadow stack). As a result, the present disclosure, is immune to attacks that can read any memory location in the same privilege level, and thereby prevents leak of vital information.

[0071] According to an embodiment, the method further comprises continuing a further execution of the program code if, based on the comparison, the calculated second message authentication code matches with the reloaded first message authentication code. The match of the second message authentication code with respect to reloaded first message authentication code indicates that the first register value was unmodified in the memory. The program code is further executed to enable completion of a defined task associated with the program code. Beneficially, the method 100 protects integrity of the register values temporarily spilled into memory (i.e. memory stack). The method 100 employs an unforgeable message authentication code to detect any changes in the original spilled register values and prevents further execution when integrity check fails. In comparison to the conventional technologies such as linear buffer overflow, the method 100 does not assume any attack pattern to protect integrity of register value(s).

[0072] According to an embodiment, the method further comprises determining, based on a preconfigured setting in the computing device, whether to secure all register values pushed into the memory or to secure one or more register values stored in corresponding registers of the register bank that are marked to be secured. The computing device is configured to decide, depending on a configurable option whether to protect unconditionally all the registers spills or to protect only those registers a user (e.g. a programmer) marks to be protected. In an example, the register values that are to be secured is determined based on an importance value of the register value that is set by a user such that the register values having importance value greater than a threshold are marked as to be secured. The message authentication code is generated for each of the register values that are marked to be secured. Further, each of such message authentication code along with respective register value is stored in the memory.

[0073] The steps 102 to 116 are only illustrative and other alternatives can also be provided where one or more steps are added, one or more steps are removed, or one or more steps are provided in a different sequence without departing from the scope of the claims herein. [0074] In one aspect, a computer program product is provided comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computing device comprising a processor to execute the method 100. Examples of implementation of the non-transitory computer-readable storage medium include, but is not limited to, Electrically Erasable Programmable Read-Only Memory (EEPROM), Random Access Memory (RAM), Read Only Memory (ROM), Hard Disk Drive (HDD), Flash memory, a Secure Digital (SD) card, Solid- State Drive (SSD), a computer readable storage medium, and/or CPU cache memory. A computer readable storage medium for providing a non-transient memory may include, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.

[0075] FIG. 2 is an illustration of exemplary components of a computing device, in accordance with an embodiment of the present disclosure. FIG. 2 is described in conjunction with FIG. 1. With reference to FIG. 2, there is shown a computing device 200. The computing device 200 includes a processor 202, a memory 204, a register bank 206, input/output (I/O) components 208, and a transceiver 210.

[0076] The processor 202 is configured to execute a program code and secure the computing device 200 from memory corruption during execution of program code. The processor 202 may also be referred to as a computing module. In an implementation, the processor 202 is configured to execute instructions stored in the memory 204. In an example, the processor 202 may be a general-purpose processor. Other examples of the processor 202 may include, but is not limited to a microprocessor, a microcontroller, a complex instruction set computing (CISC) processor, an application-specific integrated circuit (ASIC) processor, a reduced instruction set (RISC) processor, a very long instruction word (VLIW) processor, a central processing unit (CPU), a state machine, a data processing unit, and other processors or control circuitry. Moreover, the processor 202 may refer to one or more individual processors, processing devices, or a processing unit that is part of a machine, such as the computing device 200.

[0077] The memory 204 refers to a storage system of the computing device 200 that is configured to store spilled register values of the register bank 206. In an implementation, the memory 204 may include a first memory and a second memory. The first memory may be a random-access memory (RAM) that stores the spilled register values of the register bank 206, whereas the second memory may be a Hard Disk Drive (HDD), or Solid-State Drive (SSD) that stores a compiler and instructions that are executable by the processor 202. Other examples of implementation of the memory 204 may include, but are not limited to, Electrically Erasable Programmable Read-Only Memory (EEPROM), Random Access Memory (RAM), Read Only Memory (ROM), Hard Disk Drive (HDD), Flash memory, Solid-State Drive (SSD), and/or CPU cache memory. The memory 204 (e.g. the second memory) may store an operating system and/or other program products (including one or more operation algorithms) to operate the computing device 200.

[0078] The register bank 206 includes suitable logic, circuitry, and interfaces that are configured to store data or instructions associated with execution of the program code. The register bank 206 includes a plurality of registers to store the data or instructions. The plurality of registers of the register bank provides quickly accessible storage location, for example, to the processor 202 of the computing device 200. Examples of register bank 206 include but are not limited to instruction register, memory buffer register, memory address register, memory data register, or a combination thereof. In an example, each register bank 206 has a size associated therewith based on which a fixed number of bits are stored at a given time. For example, a 32-bit register bank stores 32 bits of register values and a 64-bit register bank stores 64 bits of register values.

[0079] The I/O components 208 refer to input and output components (or devices) that can receive input from a user and provide output to the user. The I/O components 208 may be communicatively coupled to the processor 202. Examples of input components may include, but are not limited to, a touch screen, such as a touch screen of a display device, a microphone, a motion sensor, a light sensor, a dedicated hardware input unit (such as a push button), and a docking station. Examples of output components include a display device and a speaker.

[0080] The transceiver 210 includes suitable logic, circuitry, and interfaces that may be configured to communicate with one or more external devices, such as other computing devices. Examples of the transceiver 210 may include, but is not limited to, an antenna, a telematics unit, a radio frequency (RF) transceiver, one or more amplifiers, one or more oscillators, a digital signal processor, a coder-decoder (CODEC) chipset, and/or a subscriber identity module (SIM) card.

[0081] In operation, the processor 202 is configured to select a first register in the register bank 206. The first register is selected to monitor the contents of first register for any modification to secure the computing device 200 from memory corruption during execution of program code. Memory corruption is any modifications that are made via such a memory corruption bug, by an unauthorized user, in the program code that changes contents of memory location in the program code. Such memory corruption is undesirable. [0082] According to an embodiment, the processor 202 is further configured to estimate whether a number of registers in the register bank 206 is insufficient to store a given number of register values at a given time during execution of the program code for the selection of the first register in the register bank 206. Such estimation of the number of registers is performed by determining a maximum possible number of registers which will be required for executing the program code at a given time. Further, the maximum possible number of required registers is compared with the number of registers in the register bank 206. Based on the comparison, if the maximum possible number of required registers at a given time is less than the number of registers in the register bank 206, the number of registers in the register bank 206 is considered insufficient. Further, if the number of registers in register bank is insufficient then the contents of the one or more registers is transferred to a different location (e.g. the memory) during executing of the program code (this is known as register spilling).

[0083] According to an embodiment, the processor 202 is further configured to determine that the first register value stored in the first register is required to be pushed in the memory 204 for the selection of the first register in the register bank 206. Based on the aforesaid estimation, if the number of registers in the register bank 206 is insufficient, the first register value (i.e. content) of the first register is determined to be pushed into the memory 204. As a result, the first register has empty space to occupy a different register value for the execution of the program code.

[0084] According to an embodiment, the first register is a callee-saved register. The first register is the callee-saved register used by a function, where register value (i.e. content) of the register needs to be preserved during execution of the program code. This is done by saving a copy of the original register value when entering the function in the memory 204 (into a stack) of the computing device 200 and restoring the register value from memory 204 when exiting the function.

[0085] The processor 202 is further configured to generate a first message authentication code for a first register value stored in the first register. In a case where the processor 202 (specifically, a compiler of the computing device 200) has decided to spill the first register value of the first register, the processor 202 generates a code, such as the first message authentication code, to save the first register value and restore the first register value when needed. The first message authentication code is stored in the memory 204 along with the spilled register such the first register value. In an example, the processor 202 executes the compiler to provide instructions to generate the first message authentication code. [0086] According to an embodiment, the processor 202 is further configured to use a salt value and a cryptographic key to calculate the first message authentication code for the first register value for generation of the first message authentication code, wherein the cryptographic key is associated with a defined privilege level in the computing device 200 to secure the cryptographic key. In an example, each of the salt value and the cryptographic key are concatenated together and processed with a cryptographic hash function to form the first message authentication code. The first message authentication code is stored in the first register instead of directly storing the cryptographic key. As a result, the cryptographic key is protected from any attacks made to corrupt the data during storage of register value in the memory 204 upon spilling of the register.

[0087] The processor 202 is further configured to store the generated first message authentication code to a second register of the register bank 206. The second register in which the generated first message authentication code is stored is different from the first register in which the first register value is stored. The generated first message authentication code is stored in the second register to enable transferring of the first message authentication code along with the first register value to the memory of the computing device.

[0088] The processor 202 is further configured to push the first register value stored in the first register and the first message authentication code stored in the second register into the memory 204. The first register value is pushed into the memory 204 as the number of registers of the register bank 206 are insufficient in comparison to number of register values required for execution of the program code. The pushing of the first message authentication code along with the first register value ensures that, if there is any tampering of the first register value in the memory 204, it can be detected by recalculating the message authentication code and comparing with the first message authentication code pushed in the memory 204.

[0089] The processor 202 is further configured to reload the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory 204. The first message authentication code that is associated with the first register value are reloaded from the memory 204 to designated registers of the register bank 206. The first register value is reloaded after two or more registers in the register bank 206 are empty and free for receiving data (i.e. the message authentication code and the pushed first register value). The first register value is reloaded to enable smooth execution of the program code using the register values (e.g. program variables) stored in registers of the register bank 206. [0090] The processor 202 is further configured to calculate from the reloaded first register value, a second message authentication code. The message authentication code of the first register value is recalculated after reloading of the first register value to determine if the first register value is changed or tampered when it was stored in the memory 204. The second message authentication code for the first register value is generated in a similar way as the generation of the first message authentication code.

[0091] According to an embodiment, the calculated second message authentication code is stored in a fifth register. At this point, the first message authentication code is present in the third register, the pushed first register value is present in the fourth register, and thus the calculated second message authentication code is stored in another register, such as the fifth register. The second message authentication code is stored in the fifth register to enable association of the second authentication code with the reloaded first register value and first message authentication code.

[0092] The processor 202 is further configured to compare the calculated second message authentication code and the reloaded first message authentication code. The comparison of the two message authentication codes generated before and after reloading the first register value enables to validate the reloaded first register value. The comparison enables determining if there was any manipulation of the first register value, for example, due to malicious attacks on the memory 204 which may have been modified or tampered the previously spilled first register value in the memory 204. Such modification or tampering are accurately detected based on the comparison to protect the computing device 200 from memory corruption.

[0093] According to an embodiment, a comparator circuitry may be used to compare the second message authentication code and the first message authentication code. In an example, the cryptographic key of the second message authentication code is compared with the cryptographic key of the reloaded first message authentication code.

[0094] The processor 202 is further configured to abort a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code. The program code is aborted to prevent further execution of the program code to protect the computing device 200 from memory corruption. The mismatch of the second message authentication code with respect to reloaded first message authentication code indicates that the first register value was modified in the memory 204. [0095] According to an embodiment, the processor 202 is further configured to continue a further execution of the program code if, based on the comparison, the calculated second message authentication code matches the reloaded first message authentication code. The match of the second message authentication code with respect to reloaded first message authentication code indicates that the first register value was unmodified in the memory 204.

[0096] According to an embodiment, the processor 202 is further configured to determine, based on a preconfigured setting in the computing device 200, whether to secure all register values spilled into the memory 204 or secure one or more register values stored in corresponding registers of the register bank 206 that are marked to be secured. The processor 202 is configured to decide, depending on a configurable option whether to protect unconditionally all the registers spills or to protect only those registers a user (e.g. a programmer) marks to be protected. The preconfigured setting refers to user option to opt in or opt out unconditional protection of all the registers spills. If a user opts out, the user may mark certain registers as to be protected via a user interface. The user interface may be a graphical user interface or a code setting (or configuration) that can be adjusted as per user preference.

[0097] FIG. 3 is an illustration of an exemplary scenario 300 related to securing a computing device from memory corruption, in accordance with an embodiment of the present disclosure. FIG. 3 is described in conjunction with FIG. 1 and FIG. 2. With reference to FIG. 3, there is shown the exemplary scenario 300. In the exemplary scenario 300, there is shown the register bank 206 with four registers, such as a zeroth register 316 (X0), a first register 318 (X1), a second register 320 (X2), and a third register 322 (X3) configured to store register values for execution of a program code. There is further shown a portion (i.e. a stack) of the memory 204 that stores data, such as register values, in the stack form (e.g., a FILO stack). The exemplary scenario 300 describes an exemplary sequence of operations 302 to 314 in order to secure the computing device 200 from memory corruption.

[0098] At operation 302, the processor 202 of the computing device 200 is configured to select the third register 322 (x3) for spilling its value into the memory 204. The selection of the third register 322 is also represented by patterns in the FIG. 3. The processor 202 potentially requires at least two more registers, such as the first register 318 and the second register 320, in order to execute various operations for securing the computing device 200 from memory corruption.

[0099] At operation 304, the processor 202 is configured to generate a first message authentication code (MAC) for the first register value stored in the third register 322 (X3) (also represented as patterned box). The generated first message authentication code for the first register value is stored in the first register 318 (X1).

[0100] At operation 306, the processor 202 is configured to push the first register value stored in the third register 322 (X3) and the first message authentication code (MAC) stored in the first register 318 (X1) into the memory 204. The stack in the memory 204 potentially comprises previously stored program variables (int a, int b, int c, struct d) in different memory locations or addresses, such as a first space 324, a second space 326, a third space 328, and a fourth space 330. The stack in the memory 204 stores the spilled register value (“spill val”) of the third register 322 in a fifth space 332 and the first message authentication code (“spill MAC”) in a sixth space 334.

[0101] At operation 308, the processor 202 is configured to reload the pushed first message authentication code (MAC) to the first register 318 (X1) and the pushed first register value to the third register 322 (x3) from the memory 204. In other words, the spilled first message authentication code and the first register value are reloaded to their original position (i.e. designated registers) in the register bank 206. The processor 202 is further configured to calculate a second message authentication code (also represented as “mac”) is calculated from the reloaded register value of the third register 322 and stored in the second register 320 (x2) of the register bank 206.

[0102] At operation 310, the processor 202 is configured to compare the calculated second message authentication code (mac) and the reloaded first message authentication code (MAC).

[0103] At operation 312, the processor 202 is further configured to abort a further execution of the program code if, based on the comparison, the calculated second message authentication code (mac) does not match the reloaded first message authentication code (MAC).

[0104] At operation 314, the processor 202 is configured to continue a further execution of the program code if, based on the comparison, the calculated second message authentication code (mac) matches the reloaded first message authentication code (MAC).

[0105] The operations 302 to 314 are only illustrative and other alternatives can also be provided where one or more operations are added, one or more operations are removed, or one or more operations are provided in a different sequence without departing from the scope of the disclosure. [0106] FIG. 4 is an illustration of an exemplary program code section executed to secure a computing device from memory corruption, in accordance with an embodiment of the present disclosure. With reference to FIG. 4 there is shown a C language code 400 (i.e. a program code) for securing the computing device 200 from memory corruption. In this exemplary implementation, the processor 202 implemented in the computing device 200 may belong to a computer processor family of reduced instruction set computing (RISC) architectures.

[0107] The C language code 400 includes an instruction 402 that hits the compiler to spill an example register into a memory. In FIG. 5, the example register to be spilled is marked as “x21 register”. The C language code 400 further incudes an instruction 404 that indicates a need to push the example register (a value that is to be protected) into the memory. The instruction 404 ensures the integrity of the value of the example register. The instruction 404 will stop execution in a controlled manner if the integrity of the value of the example register is compromised, thereby preventing an attacker to potentially change the value for its own benefit. In other words, the instruction 404 aborts the execution of program code in the controlled manner if there is any modification in the value of the example register when the example register is spilled in the memory.

[0108] FIG. 5 is an illustration of an example assembly code executed to secure a computing device from memory corruption, in accordance with an embodiment of the present disclosure. With reference to FIG. 5, there is shown the assembly code 500. The assembly code 500 is in assembly language.

[0109] The assembly code 500 generally indicates how protection of register spills is done. The example code is assembly code which can be executed, for example, in ARM64 type processor architectures from ARM Limited (ARM is a registered trademark of ARM Limited). The processor 202 executes the assembly code 500 to emit an instruction to protect all registers spills, for example, from callee-saved registers (CSR) in the processor 202. In the assembly code 500, registers x19 to x28 are defined as callee-saved registers. As a result, the functions using the registers x19 to x28 need to preserve their original values during the execution. In the assembly code 500, a code section 502 indicates saving a copy of the original register value when entering the function in memory (stack) and the code section 504 indicate restoring the register value from memory when exiting the function. The code sections 506, 508, and 510 indicate calculation and use of the MAC (or similar depending on the processor type) for the callee-saved registers (in given example register x21).

[0110] In the above example, by use of the method of the present disclosure, beneficially, instructions can be inserted that calculate the message authentication code (MAC) and push the calculated message authentication code along with the original register value into memory to protect the spilled register value (not shown in FIG. 5). The operations related to the calculation of the message authentication code and other operations for securing a computing device from memory corruption (e.g. protection of register spills) have been described in detail, for example, in FIG. 1A, 1 B, 2, and 3 (not shown in FIG. 5), and can be applied to protect register spills from registers of any processor family, such as RISC architectures, like ARM64, for instance. For example, by use of the method of the present disclosure (not shown in FIG. 5), before calling check_permission(), the processor 202, by use of its compiler, may insert a message authentication code that is calculated, for example, for the “auth” variable and push it into the stack (memory). On return of the check permission, the processor 202 (using the compiler) may insert code (emit instructions) to reload the MAC value, recalculate the MAC based on the value of register after the calling and check that both values match, similar to the operations as described in FIG. 1A and 3 in an example. In FIG. 5, as the code section 512 also indicates that the “auth” variable value is not safe, as it is not stored in a register at all times in conventional systems, by use of the modified “check_permission()” using the method of the present disclosure, the integrity of the value of the example register x21 is ensured. The program code stops execution in a controlled manner if the integrity of the spilled values (e.g. the value of register x21 that is spilled) is compromised, thereby preventing an attacker from potentially changing the value of the protected register for its own benefit. Thus, the method 100 and operations of the computing device 200 secure memory corruption and protect the values of the callee-saved registers x19 to x28, specifically the spilled value of register x21 in this case, during the execution.

[0111] Modifications to embodiments of the present disclosure described in the foregoing are possible without departing from the scope of the present disclosure as defined by the accompanying claims. Expressions such as "including", "comprising", "incorporating", "have", "is" used to describe and claim the present disclosure are intended to be construed in a nonexclusive manner, namely allowing for items, components or elements not explicitly described also to be present. Reference to the singular is also to be construed to relate to the plural. The word "exemplary" is used herein to mean "serving as an example, instance or illustration". Any embodiment described as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments and/or to exclude the incorporation of features from other embodiments. The word "optionally" is used herein to mean "is provided in some embodiments and not provided in other embodiments". It is appreciated that certain features of the present disclosure, which are, for clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable combination or as suitable in any other described embodiment of the disclosure.

Claims

1. A method (100) for securing a computing device (200) from memory corruption, the computing device (200) comprising a register bank (206), a memory (204), and a computing module for executing a program code, the method (100) comprising: selecting a first register in the register bank (206); generating a first message authentication code for a first register value stored in the first register; storing the generated first message authentication code to a second register of the register bank (206); pushing the first register value stored in the first register and the first message authentication code stored in the second register into the memory (204); reloading the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory (204); calculating, from the reloaded first register value, a second message authentication code; comparing the calculated second message authentication code and the reloaded first message authentication code; and aborting a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code.

2. The method (100) according to claim 1 , wherein the selecting of the first register in the register bank (206) comprises estimating whether a number of registers in the register bank (206) is insufficient to store a given number of register values at a given time during execution of the program code.

3. The method (100) according to claim 1 or 2, wherein the selecting of the first register in the register bank (206) further comprises determining that the first register value stored in the first register is required to be pushed in the memory (204).

4. The method (100) according to any one of the preceding claims, wherein the generating of the first message authentication code comprises using a salt value and a cryptographic key to generate the first message authentication code for the first register value, wherein the cryptographic key is associated with a predefined privilege level in the computing device (200) to secure the cryptographic key.

5. The method (100) according to any one of the preceding claims, further comprising continuing a further execution of the program code if, based on the comparison, the calculated second message authentication code matches the reloaded first message authentication code.

6. The method (100) according to any one of the preceding claims, further comprising determining, based on a preconfigured setting in the computing device (200), whether to secure all register values pushed into the memory (204) or to secure one or more register values stored in corresponding registers of the register bank (206) that are marked to be secured.

7. The method (100) according to any one of the preceding claims, wherein the first register is a callee-saved register.

8. The method (100) according to any one of the preceding claims, wherein the second message authentication code is stored in a fifth register.

9. A computing device (200), comprising: a register bank (206); a memory (204); and a processor (202) for execution of a program code, wherein the processor (202) is configured to: select a first register in the register bank (206); generate a first message authentication code for a first register value stored in the first register; store the generated first message authentication code to a second register of the register bank (206); push the first register value stored in the first register and the first message authentication code stored in the second register into the memory (204); reload the pushed first message authentication code to a third register and the pushed first register value to a fourth register from the memory (204); calculate, from the reloaded first register value, a second message authentication code; compare the calculated second message authentication code and the reloaded first message authentication code; and abort a further execution of the program code if, based on the comparison, the calculated second message authentication code does not match the reloaded first message authentication code.

10. The computing device (200) according to claim 9, wherein the processor (202) is further configured to estimate whether a number of registers in the register bank (206) is insufficient to store a given number of register values at a given time during execution of the program code for the selection of the first register in the register bank (206).

11. The computing device (200) according to claim 10, wherein the processor (202) is further configured to determine that the first register value stored in the first register is required to be pushed in the memory (204) for the selection of the first register in the register bank (206).

12. The computing device (200) according to any one of the claims 9-11 , wherein the processor (202) is further configured to use a salt value and a cryptographic key to calculate the first message authentication code for the first register value for generation of the first message authentication code, wherein the cryptographic key is associated with a predefined privilege level in the computing device (200) to secure the cryptographic key.

13. The computing device (200) according to any one of the claims 9-12, wherein the processor (202) is further configured to continue a further execution of the program code if, based on the comparison, the calculated second message authentication code matches the reloaded first message authentication code.

14. The computing device (200) according to any one of the claims 9-13, wherein the processor (202) is further configured to determine, based on a preconfigured setting in the computing device (200), whether to secure all register values spilled into the memory (204) or secure one or more register values stored in corresponding registers of the register bank (206) that are marked to be secured.

15. The computing device (200) according to any one of the claims 9-14, wherein the first register is a callee-saved register.

16. The computing device (200) according to any one of the claims 9-15, wherein the calculated second message authentication code is stored in a fifth register.

17. A computer program product comprising a computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computing device (200) comprising a processor (202) to execute a method (100) as claimed in any one of claims 1 to 8.