Pointer Provenance in a Capability Architecture


Alfredo Mazzinghi, Ripduman Sohan, and Robert N. M. Watson, University of Cambridge


We design and implement a framework for tracking pointer provenance, using our CHERI fat-pointer capability architecture to facilitate analysis of security implications of program pointer flows in both user and privileged code, with minimal instrumentation. CHERI enforces pointer provenance validity at the architectural level, in the presence of complex pointer arithmetic and type casting. CHERI presents new opportunities for provenance research: we discuss use cases and highlight lessons and open questions from our work.

@inproceedings {220313,
author = {Alfredo Mazzinghi and Ripduman Sohan and Robert N. M. Watson},
title = {Pointer Provenance in a Capability Architecture},
booktitle = {10th USENIX Workshop on the Theory and Practice of Provenance (TaPP 2018)},
year = {2018},
address = {London},
url = {https://www.usenix.org/conference/tapp2018/presentation/mazzinghi},
publisher = {USENIX Association},
month = jul,