# GARUDA 2.0

Sage Sefton ss557415@ohio.edu Ohio University Avinash Karanth karanth@ohio.edu Ohio University

2020 Fall

# 1 Background

GARUDA was a system that operated on a two stream model of the "user" or program, and that which executed the instructions. GARUDA 2.0, we extend, or refine based on the point of view, this model to operate between the Execution (EXE) and Memory (MEM) stages of the pipeline. We assume a monitor theory shown by the graphic Fig ??. The monitor appears to operate on a single stream, but the two hanging connections can be considered the two streams of the former model.

The most obvious change we need to make is to enable encryption and decryption of the EffAddr. Our attack vector focuses on a trojan targeting the state register between the EXE and MEM stages. They could cache these addresses and try to access that memory later, or they may try to use them as a side channel. Either way, allowing an adversary to track our memory accesses is clearly problematic. However, when we refer to "encryption", we really mean some reversible obfuscation function. We employ the proof assistant, Coq, to prove the EN and DE blocks are exact inverses. GARUDA is written in Coq for exactly this reason, so requiring a proof that  $\forall P, DE(ENP) = P$  should be sufficient.

# 2 The Implementation of GARUDA 2.0

# 2.1 Syntax

#### 2.1.1 Definitions

```
EXE Input Fields
                               f_{Ei}
                                       ::=
                                                f_{Ei_1} \mid \cdots \mid f_{Ei_k}
State Reg Fields
                               f_{SR} ::=
                                               f_{SR_1} \mid \cdots \mid f_{SR_k}
MEM Input Fields
                                      := f_{Mi_1} \mid \cdots \mid f_{Mi_k}
                               f_{Mi}
Fields
                                               f_{Ei} \mid f_{SR} \mid f_{Mi}
                               f
Obfuscated Field
                               f^{\mathbf{o}}
                                        ::=
                                       := \{f_{i_1} = v_{i_1}, \ldots, f_{i_k} = v_{i_k}\}
Inputs
                                        ::= \{f_{o_1} = v_{o_1}, \ldots, f_{o_k} = v_{o_k}\}
Outputs
                               0
                                        ::= f \rightarrow f^{o} \mid f^{o} \rightarrow f
Obfuscation Fxn
                               Φ
```

### 2.1.2 Syntax of Predicates

#### 2.2 Semantics

#### 2.2.1 Semantics of Predicates

#### 2.2.2 Semantics of Policies

# 3 Compilation to Verilog

### 3.1 The Intermediate Language

```
Values
                        INSTR | RES
Registers
                        reg
Expressions e
                        read(b)
                                                    Read Reg
                 ::=
                                                    Write Value to Reg
                        write(b, v)
                        let x = e_1 in e_2
                                                    Assignment
                                                    Parallel
                        e_1 \parallel e_2
                        f(e_1)
                                                    Apply Function
                        if v = n then e_1 else e_2
                                                    Conditional
                        e_1 \&\& e_2
                                                    Product (AND)
                        e_1; e_2
                                                    Concatenation
                                                    Hardwire
                        forever e
```

# 3.2 Compiling GARUDA 2.0 to the Intermediate

We define a function  $\mathbf{C}$  to be the compilation of some predicate or policy in GARUDA 2.0 to the intermediate language.  $\mathbf{C}$  operates on the four ports of the GARUDA 2.0 monitor. These consist of the processing done after the Execution stage, before the Memory stage, and their respective altered streams. Table ?? summarizes each port. Assume all  $\mathbf{C}$  are short for  $\mathbf{C}_{(EXE,EXE^{\circ},MEM^{\circ},MEM)}$  if unspecified.

| PORT               | DESCRIPTION                           |
|--------------------|---------------------------------------|
| EXE                | Direct output of the execution stage. |
| $EXE^{\mathbf{o}}$ | Altered state register input.         |
| $MEM^{\mathbf{o}}$ | Direct output of the state register.  |
| MEM                | Altered memory access input.          |

### 3.2.1 Compiling Predicates

```
\mathbf{C}[0] = let \ E\_bog = new \ buf
                               M\_boq = \text{new buf}
                           in write(EXE^{o}, E\_bog)
                              write(MEM, M\_boq)
              C[1] = write(EXE^{o}, read(EXE))
                           write(MEM, read(MEM^{o}))
       \mathbf{C}[f=n] = if \ EXE = n \ then
                              write(EXE^{o}, read(EXE))
                              else \mathbf{C}_{(EXE,EXE^{\circ},-,-)}[0]
                           if MEM^{\mathbf{o}} = n then
                              write(MEM, read(MEM^{o}))
                              else \mathbf{C}_{(-,-,MEM^{\circ},MEM)}[0]
\mathbf{C}[\mathsf{test}(a+b)] = (*Intermediate\ Execution\ Ports*)
                           let E_{ai}, E_{ai}^{\mathbf{o}}, E_{bi}, E_{bi}^{\mathbf{o}} = \text{new buf } in
                           (*Intermediate\ Memory\ Ports*)
                           let M_{ai}^{\mathbf{o}}, M_{ai}, M_{bi}^{\mathbf{o}}, M_{bi} = \text{new buf } in
                                 DeMux(EXE, E_{ai}, E_{bi}) \parallel
                                DeMux(MEM^{\mathbf{o}}, M_{ai}^{\mathbf{o}}, M_{bi}^{\mathbf{o}})
                           let i_a = \mathbf{C}_{(E_{ai}, E_{ai}^{\circ}, M_{ai}^{\circ}, M_{ai})}[a]
                                i_b = \mathbf{C}_{(E_{bi}, E^{\mathbf{o}}_{bi}, M^{\mathbf{o}}_{bi}, M_{bi})}[b]
                           in \ Mux(i_a \ i_b, (EXE^{\mathbf{o}}, MEM))
  \mathbf{C}[\mathsf{test}(a \cdot b)] = \mathbf{C}[\mathsf{test}(a) \cdot \mathsf{test}(b)]
           \mathbf{C}[\neg a] = if \neg a \ then
                              write(EXE^{o}, read(EXE))
                              write(MEM, read(MEM^{o}))
                           else C[0]
```

### 3.2.2 Compiling Policies

# 4 Applications of GARUDA 2.0

#### 4.1 Standard Taint

In the previous version of GARUDA, taint was implemented by tagging the most significant bit of a register. This caused no hardware overhead to maintain in the pipeline, but imposed an obvious bit-resolution hindrance. In GARUDA 2.0, the definition of such a policy is identical, but the compilation is different.

We assume a MIPS-like architecture for this example. The op codes of any given instruction are no more than 3;  $\mathsf{IN}_1$ ,  $\mathsf{IN}_2$ , and  $\mathsf{OUT}$  We denote these as RS, RT, and RD.

Let's suppose you want your taint to propogate on the inputs of any arithmetic instructions. Additionally, you prohibit any tainted instructions or addresses from accessing memory. In GARUDA 2.0, we can define this as follows. Please note that ALU can further be expanded to specific types of ALU instructions

```
Instruction Fields f_i ::= Taint_{RS}, Taint_{RT}, Taint_{RD}, OP
                                     \mathsf{MEM}_{\mathsf{READ}} \mid \mathsf{MEM}_{\mathsf{WRITE}} \mid \mathsf{ALU} \mid \, \cdots \,
      Result Fields f_r ::=
                                     (*empty*)
                               \triangleq
                                     OP = ALU
                     Arith
                      Read
                                     OP = MEM_{RFAD}
                     Write
                                     \mathsf{OP} = \mathsf{MEM}_{\mathsf{WRITE}}
                AnyMem
                                     Read + Write
            TaintedInstr
                                      (Taint_{RS} = TRUE) + (Taint_{RT} = TRUE)
                                \triangleq
                                      \mathsf{Taint}_{\mathsf{RD}} \leftarrow \mathsf{TRUE}
                 TaintRes
         PropTaintALU
                                     act(Arith \cdot TaintedInstr \cdot TaintRes)
                                     +act(Arith \cdot \neg TaintedInstr)
           NoTaintMem
                                     act(AnyMem \cdot \neg TaintedInstr)
             SecureMem
                                     PropTaintALU + NoTaintMem
                                      +act(\neg(Arith + AnyMem))
```

# 4.2 Speculative Taint

[1]

```
Instruction \ Fields \ f_i ::= Taint_{RS}, Taint_{RT}, Taint_{RD}, OP
                            ::= MEM_{READ} \mid MEM_{WRITE} \mid ALU \mid \cdots
                      OP
      Result Fields f_r ::=
                                   (*empty*)
                              \triangleq OP = ALU
                    Arith
                              \triangleq OP = MEM<sub>READ</sub>
                    Read
                   Write
                              \triangleq
                                   \mathsf{OP} = \mathsf{MEM}_{\mathsf{WRITE}}
               AnyMem
                                   \mathsf{Read} + \mathsf{Write}
            TaintedInstr
                                    (Taint_{RS} = TRUE) + (Taint_{RT} = TRUE)
                TaintRes
                                    \mathsf{Taint}_{\mathsf{RD}} \leftarrow \mathsf{TRUE}
         PropTaintALU
                                   act(Arith \cdot TaintedInstr \cdot TaintRes)
                                    +act(Arith \cdot \neg TaintedInstr)
          NoTaintMem
                                   act(AnyMem \cdot \neg TaintedInstr)
            SecureMem
                                   PropTaintALU + NoTaintMem
                                    +act(\neg(Arith + AnyMem))
```

# References

[1] Jiyong Yu, Mengjia Yan, Artem Khyzha, Adam Morrison, Josep Torrellas, and Christopher W Fletcher. Speculative taint tracking (stt) a comprehensive protection for speculatively accessed data. In *Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture*, pages 954–968, 2019.