Speaker
Description
Pointers have provenance: the notion that pointers to separate objects of different origins are distinct regardless of the pointer's address value. This is true in systems programming languages including C, C++, and Rust, and it is deterministically enforced by hardware and software on CHERI systems (systems such as Arm's PAC and MTE also provide probabilistic enforcement).
We developed address space reservations (hereafter reservations) to support CHERI's strict provenance model. Reservations are implemented in the VM system and exposed through the mmap() family of system calls. In this talk I will describe the design of reservations and the compatibility constraints that drove it. I will also explain how adapting existing code to reservations can improve correctness across the entire ecosystem.
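The reserve-then-commit pattern that reservations are built around, as an added illustration (portable POSIX C written for this page, not CheriBSD's own code or the talk's material): a PROT_NONE mapping claims the address range, and every later MAP_FIXED mapping inside it is placed using a hint derived by pointer arithmetic from the pointer mmap() returned, never from an integer address that was reconstructed elsewhere. The code runs on any POSIX system; the comments describe the assumed CHERI behaviour, namely that the returned pointer is a capability for the reservation and that pointers derived from it keep that provenance, which is what lets the kernel reject hints that were not derived from the reservation.

```c
/* Added example: reserve-then-commit with mmap(), keeping pointer provenance.
 * Plain POSIX C, not CheriBSD source. The CHERI-specific remarks in the
 * comments are the author's assumptions about how reservations behave. */
#define _DEFAULT_SOURCE 1
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON      /* older BSD spelling of the same flag */
#endif

/* Reserve `npages` of address space with no access rights. On CHERI
 * (assumption) the returned pointer is a capability whose bounds cover the
 * whole reservation; it is the only root from which in-reservation
 * pointers should be derived. */
static void *reserve_pages(size_t npages, size_t *out_len)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = npages * pg;
    void *base = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    *out_len = len;
    return base;
}

/* Commit one page inside the reservation. The MAP_FIXED hint is computed by
 * pointer arithmetic on `base`, so it keeps base's provenance; rebuilding it
 * from an integer address (e.g. a saved uintptr_t) would not, and that is the
 * case reservations exist to distinguish. Returns NULL if the page lies
 * outside the reservation or the mapping fails. */
static void *commit_page(void *base, size_t len, size_t index)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    if ((index + 1) * pg > len)          /* never MAP_FIXED outside the reservation */
        return NULL;
    void *hint = (char *)base + index * pg;
    void *p = mmap(hint, pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Exercise the pattern: reserve 4 pages, commit page 2, write and read it,
 * then release the whole reservation with one munmap(). Returns 0 on success
 * or a small positive code naming the step that failed. */
int reservation_demo(void)
{
    size_t len;
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    void *base = reserve_pages(4, &len);
    if (base == NULL)
        return 1;
    char *page = commit_page(base, len, 2);
    if (page == NULL) {
        munmap(base, len);
        return 2;
    }
    if (page != (char *)base + 2 * pg) {  /* MAP_FIXED must land exactly on the hint */
        munmap(base, len);
        return 3;
    }
    memset(page, 0x5a, 16);
    int ok = (page[0] == 0x5a && page[15] == 0x5a);
    if (munmap(base, len) != 0)            /* one call tears down the reservation */
        return 4;
    return ok ? 0 : 5;
}

/* Check the bounds guard: asking for a page past the end of the reservation
 * must be refused before any mmap() call is made. Returns 1 if refused. */
int out_of_range_is_refused(void)
{
    size_t len;
    void *base = reserve_pages(4, &len);
    if (base == NULL)
        return -1;
    int refused = (commit_page(base, len, 4) == NULL);
    munmap(base, len);
    return refused;
}
```

The practical point for porting code is visible in `commit_page`: keep the pointer that mmap() returned for the reservation and derive every hint from it, rather than stashing addresses as integers and casting them back, which is the habit that reservations make a hard error on CHERI.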