Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations (POCL 2024 - - Principles of Capability Languages)

Sun 14 - Sat 20 January 2024 London, United Kingdom

Track

POCL 2024

Time Zone

The program is currently displayed in (GMT) London.

Use conference time zone: (GMT) LondonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Tue 16 Jan 2024 11:45 - 12:07 at Flowers Room - Session 2 Chair(s): Ian Stark

Abstract

A sealed capability in CHERI is both immutable and un-dereferenceable. While sealed capabilities are generally used for compartment switching, in this talk we consider the consequences of permitting application code to perform more general capability sealing. This might be useful for secure exchange of data between untrusted code components; we will present illustrative scenarios.

This presentation considers the interaction between sealed capabilities and memory allocators. We examine both explicit malloc style allocators and automated garbage collection regimes. We show that memory allocators must be aware of sealed capabilities and should be able to trace reference graphs through sealed capabilities, otherwise runtime memory errors occur (e.g. space leaks or dangling pointers). We propose an augmented allocator API to track capability seal operations, and sketch a prototypical implementation.

File attachments

slides.pdf (jsinger-pocl24.pdf)	1.41MiB

Bio

Reader in Programming Language Implementation at the School Computing Science, University of Glasgow. In Scotland since 2010.

Time Zone

The program is currently displayed in (GMT) London.

Use conference time zone: (GMT) LondonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Tue 16 Jan
Displayed time zone: London change

11:00 - 12:30	Session 2POCL at Flowers Room Chair(s): Ian Stark The University of Edinburgh

11:00 22m Talk		Compartmentalisation models POCL Dapeng Gao University of Cambridge
11:22 23m Talk		Proving capability safety in the presence of indirect sentries POCL Bastien Rousseau Aarhus University, Aina Linn Georges Max Planck Institute for Software Systems (MPI-SWS), Dominique Devriese KU Leuven, Jean Pichon-Pharabod Aarhus University, Lars Birkedal Aarhus University
11:45 22m Talk		Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations POCL Jeremy Singer University of Glasgow File Attached
12:08 22m Talk		Secure Calling Conventions for CHERI Capability Machines in Practice (Work in Progress) POCL Elias Storme KU Leuven, Sander Huyghebaert Vrije Universiteit Brussel, Steven Keuchel Vrije Universiteit Brussel, Thomas Van Strydonck KULeuven, Dominique Devriese KU Leuven

Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations

Tue 16 Jan
Displayed time zone: London change

Jeremy Singer

University of Glasgow

Tracks

Co-hosted Conferences

Workshops

Co-hosted Symposia

Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations

Program Display Configuration

Program Display Configuration

Tue 16 JanDisplayed time zone: London change

Jeremy Singer

University of Glasgow

Tue 16 Jan
Displayed time zone: London change