You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After mulling over the system calls examples I worked in earlier today, I had a potential idea of how to integrate this idea better with the compartment implementation, while also getting rid of intercepts completely (including malloc intercepts).
We can introduce a new indirection layer, either as a library dependency, or perhaps as a header file with #defines, with implementations of DDC-bounded-safe functions. For instance, we would redirect printf calls to an internal printf implementation which has the same observable effect, but uses a write system call. We could also then move the malloc functions inside, which could use the DDC capability to know where to allocate space for the compartment they are in.
I'm unsure if this approach would be able to handle all libc functions, but I think I prefer it to having implicit transitions via the injections, and we would also simplify a lot of the code (particularly the ugly instruction building in comp_add_intercept.
The text was updated successfully, but these errors were encountered:
After mulling over the system calls examples I worked in earlier today, I had a potential idea of how to integrate this idea better with the compartment implementation, while also getting rid of intercepts completely (including
mallocintercepts).We can introduce a new indirection layer, either as a library dependency, or perhaps as a header file with
#defines, with implementations of DDC-bounded-safe functions. For instance, we would redirectprintfcalls to an internalprintfimplementation which has the same observable effect, but uses awritesystem call. We could also then move themallocfunctions inside, which could use the DDC capability to know where to allocate space for the compartment they are in.I'm unsure if this approach would be able to handle all
libcfunctions, but I think I prefer it to having implicit transitions via the injections, and we would also simplify a lot of the code (particularly the ugly instruction building incomp_add_intercept.The text was updated successfully, but these errors were encountered: