FRAMER: a tagged-pointer capability system with memory safety applications
Conference Name
2019 Annual Computer Security Applications Conference (ACSAC 2019)
Type
Conference Object
This Version
VoR
Citation
Nam, M. J., Akritidis, P., & Greaves, D. FRAMER: a tagged-pointer capability system with memory safety applications. 2019 Annual Computer Security Applications Conference (ACSAC 2019). https://doi.org/10.1145/3359789.3359799
Abstract
Security mechanisms for systems programming languages, such as fine-grained memory protection for C/C++, authorize operations at runtime using access rights associated with objects and pointers. The cost of such fine-grained capability-based security models is dominated by metadata updates and lookups, making efficient metadata management the key for minimizing performance impact. Existing approaches reduce metadata management overheads by sacrificing precision, breaking binary compatibility by changing object memory layout, or wasting space with excessive alignment or large shadow memory spaces.

We propose FRAMER, a capability framework with object granularity. Its sound and deterministic per-object metadata management mechanism enables direct access to metadata by calculating their location from a tagged pointer to the object and a compact supplementary table. This may improve the performance of memory safety, type safety, thread safety and garbage collection, or any solution that needs to map pointers to metadata. FRAMER improves over previous solutions by simultaneously (1) providing a novel encoding that derives the location of per-object metadata with low memory overhead and without any assumption of objects’ alignment or size, (2) offering flexibility in metadata placement and size, (3) saving space by removing any padding or re-alignment, and (4) avoiding internal object memory layout changes. We evaluate FRAMER with a use case on memory safety.
Identifiers
External DOI: https://doi.org/10.1145/3359789.3359799
This record's URL: https://www.repository.cam.ac.uk/handle/1810/299949
Rights
All rights reserved
Licence:
http://www.rioxx.net/licenses/all-rights-reserved