On Tuesday, Apple unveiled a new security feature called Memory Integrity Enforcement (MIE) built into newly introduced iPhone models, including the iPhone 17 and iPhone Air.
According to The Tech Giant, by designing the A19 and A19 Pro chips with this aspect in mind, Mie provides “always always memory safety” across critical attack surfaces such as the kernel and over 70 userland processes, without sacrificing device performance.
“Memory integrity enforcement is built on the robust foundation provided by secure memory allocators and is supported by a wide range of tag confidentiality enforcement policies, coupled with synchronous mode extended memory tag extensions (EMTE),” the company said.
This effort aims to improve memory safety and prevent bad actors, particularly those who use mercenary spyware. In the first place, it aims to use such flaws as a weapon to infiltrate devices as part of a highly targeted attack.
Mie is EMTE. This is an improved version of the Memory Tagging Extension (MTE) specification released by Chipmaker Arm in 2019, flagging memory corruption bugs either synchronously or asynchronously. EMTE was released by ARM in 2022 following a collaboration with Apple.
It is worth noting that Google’s Pixel devices already support MTE as a developer option starting with Android 13. Similar memory integrity features have also been introduced by Microsoft on Windows 11.
How to block access after Mie uses it
“The ability of MTE to detect memory corruption exploitation with initial dangerous access is a major improvement in diagnostic and potential security effects,” Google Project Researcher Mark Brand said in October 2023, coinciding with the release of the Pixel 8 and Pixel 8 Pro.
“For the first time in production handsets, MTE availability is a huge step forward and I think it could be using this technology to make zero days more difficult.”
According to Apple, Mie translates MTE from a “helpful debugging tool” into a groundbreaking new security feature, providing security protection against two common vulnerability classes (buffer overflow and useless bugs), which can lead to memory corruption.
How mie blocks buffer overflow
This essentially involves blocking out-of-bound requests to access adjacent memory with different tags and retag memory as it is released and re-allocated by the system and then re-used for other purposes. As a result, requests to access tagged memory with old tags (indicating the after-use scenario) are also blocked.
“A significant weakness of the original MTE spec is that access to untagged memory, such as global variables, is not checked by hardware,” Apple explained. “This means that attackers do not have to face so many defensive constraints when trying to control the configuration and state of their core applications.”
“With MTE enhancements, accessing tagged memory from tagged memory regions requires knowing the tag for that region, specifying that attackers make dynamic tagged memory bugs very difficult to work around EMTE by directly modifying untagged allocations.”
Enable MTE on Google Pixel
Cupertino said it has developed what is called Tag Confidentity Enforcement (TCE) to ensure the implementation of memory allocators against side-channel and speculative execution attacks like Tiktag.
“Meticulous planning and implementation of memory integrity enforcement will keep users completely invisible, while maintaining sync tag checks for all the platform’s demanding workloads and providing groundbreaking security while minimizing performance impact,” he added.
Source link
