EuroBSDCon 2024

Address space reservations: Re-thinking address space management for pointer provenance
09-22, 15:00–15:45 (Europe/Dublin), Foyer A

Pointers have provenance: the notion that pointers to separate objects of different origins are distinct regardless of the pointer's address value. This holds in systems programming languages including C, C++, and Rust, and it is deterministically enforced by hardware and software on CHERI systems (systems such as Arm's PAC and MTE also provide probabilistic enforcement).
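To make the provenance notion concrete, here is an added example (not code from the talk or from CheriBSD) that models a CHERI-style capability in plain C: a pointer that carries the bounds of the object it was derived from plus a validity tag. The `cap_t` type and its helpers are hypothetical; the point they show is that walking a pointer derived from object A to the exact address of an adjacent object B does not grant access to B, and that a pointer forged from a bare integer has no provenance at all. On real CHERI hardware these checks happen in the CPU on every dereference; the model only reproduces the decision logic.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical software model of a CHERI-style capability (not CheriBSD code):
 * an address plus the bounds of the object it was derived from and a tag that
 * says the value was legitimately derived rather than forged. The bounds carry
 * the provenance; pointer arithmetic changes addr but never base/len. */
typedef struct {
    uintptr_t addr;  /* current address value */
    uintptr_t base;  /* start of the originating object */
    size_t    len;   /* length of the originating object */
    bool      tag;   /* true only for legitimately derived pointers */
} cap_t;

/* Derive a capability from a real object: full provenance. */
static cap_t cap_from_object(void *obj, size_t len) {
    cap_t c = { (uintptr_t)obj, (uintptr_t)obj, len, true };
    return c;
}

/* Pointer arithmetic: the address moves, the provenance (bounds) does not. */
static cap_t cap_add(cap_t c, ptrdiff_t off) {
    c.addr += (uintptr_t)off;
    return c;
}

/* Forging a pointer from an integer yields no provenance: the tag is clear. */
static cap_t cap_from_int(uintptr_t a) {
    cap_t c = { a, 0, 0, false };
    return c;
}

/* A dereference of n bytes is permitted only if the capability is tagged and
 * [addr, addr+n) lies entirely within [base, base+len). Written to avoid
 * unsigned overflow in the comparison. */
static bool cap_check(cap_t c, size_t n) {
    if (!c.tag) return false;
    if (c.addr < c.base) return false;
    if (n > c.len) return false;
    if (c.addr - c.base > c.len - n) return false;
    return true;
}

/* Demonstration over two adjacent 16-byte objects carved from one arena.
 * Returns 1 when every provenance rule behaves as described in the text. */
int provenance_demo(void) {
    static unsigned char arena[32];        /* constructed sample memory */
    unsigned char *a = arena;              /* object A: arena[0..16)  */
    unsigned char *b = arena + 16;         /* object B: arena[16..32) */

    cap_t ca = cap_from_object(a, 16);
    cap_t cb = cap_from_object(b, 16);

    /* Walk A's pointer to the address of B: same address value as cb... */
    cap_t ca_end = cap_add(ca, 16);
    int same_address = (ca_end.addr == cb.addr);

    /* ...but different provenance: refused via ca_end, allowed via cb. */
    int a_derived_refused = !cap_check(ca_end, 1);
    int b_derived_allowed = cap_check(cb, 1);

    /* A pointer forged from an integer has no provenance at all. */
    int forged_refused = !cap_check(cap_from_int((uintptr_t)b), 1);

    /* In-bounds use of A's own capability still works; one byte over does not. */
    int a_last_ok = cap_check(cap_add(ca, 15), 1);
    int a_over_refused = !cap_check(cap_add(ca, 15), 2);

    return same_address && a_derived_refused && b_derived_allowed &&
           forged_refused && a_last_ok && a_over_refused;
}

int main(void) {
    printf("%s\n", provenance_demo() ? "provenance enforced" : "FAILED");
    return 0;
}
```

The model deliberately keeps `base` and `len` untouched in `cap_add`: that is the whole content of "provenance survives arithmetic", and it is why an address-equal pointer derived from the wrong object is rejected by `cap_check` while the same address reached through the right object is accepted.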

We developed address space reservations (hereafter reservations) to support CHERI's strict provenance model and other aspects of CHERI capabilities. Reservations are implemented in the VM system and exposed by the mmap() family of system calls. They are driven by the collision of the constraints of mmap() with the constraints imposed by CHERI capabilities. Somewhat surprisingly, we have been able to design a system requiring few changes to existing code despite these constraints, and obeying the resulting constraints has correctness and understandability benefits for existing software.

See also: Slides (1.3 MB)

Brooks Davis is a Principal Computer Scientist in the Computer Science Laboratory at SRI International. He holds a Bachelor's Degree in Computer Science from Harvey Mudd College (1998). Since 2012 he has worked on the CHERI project and leads the engineering effort for CheriBSD, a memory-safe UNIX-like operating system. Prior to his move to SRI in 2012, Brooks worked on high-performance computing and networking at The Aerospace Corporation. Brooks Davis has been a member of the FreeBSD open-source operating system project since 2001 and has served on the project's elected core team. He is also a Visiting Research Fellow at the University of Cambridge Department of Computer Science and Technology (Computer Laboratory).