Pointer Provenance in a Capability Architecture

Mazzinghi, A; Watson, Robert NM; Sohan, Ripduman

View / Open Files

Accepted version (PDF, 367Kb)

Authors

Mazzinghi, A

Watson, Robert NM

Sohan, Ripduman

Journal Title

10th USENIX Workshop on Theory and Practice of Provenance

Conference Name

USENIX Theory and Practice of Provenance

Publisher

USENIX

Type

Conference Object

Metadata

Show full item record

Citation

Mazzinghi, A., Watson, R. N., & Sohan, R. Pointer Provenance in a Capability Architecture. 10th USENIX Workshop on Theory and Practice of Provenance https://doi.org/10.17863/CAM.27830

Abstract

We design and implement a framework for tracking pointer provenance, using our CHERI fat-pointer capability architec- ture to facilitate analysis of security implications of program pointer flows in both user and privileged code, with mini- mal instrumentation. CHERI enforces pointer provenance validity at the architectural level, in the presence of complex pointer arithmetic and type casting. CHERI present new op- portunities for provenance research: we discuss use cases and highlight lessons and open questions from our work.

Sponsorship

DARPA/AFRL FA8750-10-C-0237, Google Chrome University Research Program Award

Identifiers

External DOI: https://doi.org/10.17863/CAM.27830

This record's URL: https://www.repository.cam.ac.uk/handle/1810/280459

Rights

Licence:

http://www.rioxx.net/licenses/all-rights-reserved

Statistics

Total file downloads (since January 2020). For more information on metrics see the IRUS guide.