Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations - POCL'24
Offered By: ACM SIGPLAN via YouTube
Course Description
Overview
Explore the implications of allowing application code to perform general capability sealing in CHERI through this 17-minute conference talk. Delve into the interaction between sealed capabilities and memory allocators, examining both explicit malloc-style allocators and automated garbage collection regimes. Discover how memory allocators must be aware of sealed capabilities and trace reference graphs through them to prevent runtime memory errors like space leaks or dangling pointers. Learn about a proposed augmented allocator API for tracking capability seal operations and gain insights into a prototypical implementation. Understand the potential benefits of using sealed capabilities for secure data exchange between untrusted code components through illustrative scenarios presented by Jeremy Singer at the ACM SIGPLAN event.
Syllabus
[POCL'24] Sealed with a Library Call: Memory Allocators Should Track Capability Seal Opera...
Taught by
ACM SIGPLAN
Related Courses
CHERI and CHERI-RISC-V, by Simon Moore, University of Cambridge (TheIACR via YouTube)
HashTag - Hash-based Integrity Protection for Tagged Architectures (USENIX via YouTube)
Sonata: Low-Cost CHERI Hardware for Embedded Systems (OpenUK via YouTube)
The State of Morello and CHERI (ACM SIGPLAN via YouTube)
CHERI Static Analysis - POCL'24 (ACM SIGPLAN via YouTube)