Projects per year
Memory capabilities as supported in capability machines are very similar to fat pointers, and hence are very useful for the efficient enforcement of spatial memory safety. Enforcing temporal memory safety however, is more challenging. This paper investigates an approach to enforce temporal memory safety for stack-allocated memory in C-like languages by extending capabilities with a simple dynamic mechanism. This mechanism ensures that capabilities with a certain lifetime can only be stored in memory that has a longer lifetime. Our mechanism prevents temporal memory safety violations, yet is sufficiently permissive to allow typical C coding idioms where addresses of local variables are passed up the call stack. We formalize the desired behavior of a simple C-like language as a dependently typed operational semantics, and we show that existing compilers to capability machines do not simulate this desired behavior: they either have to break temporal safety, or they have to defensively rule out allowed behaviors. Finally, we show that with our proposed dynamic mechanism, our compiler is fully abstract.
|Title of host publication||32nd IEEE Computer Security Foundations Symposium|
|Number of pages||13|
|Publication status||Published - Jun 2019|
|Event||32nd IEEE Computer Security Foundations Symposium - Hoboken, NJ, United States|
Duration: 25 Jun 2019 → 28 Jun 2019
Conference number: 32
|Name||IEEE Computer Security Foundations Symposium (CSF)|
|Conference||32nd IEEE Computer Security Foundations Symposium|
|Period||25/06/19 → 28/06/19|
- temporal memory safety
- machine-checked proof
FingerprintDive into the research topics of 'Temporal safety for stack allocated memory on capability machines'. Together they form a unique fingerprint.
- 1 Active