Runtime Library of CETS

file: safecode/runtime/SoftBoundRuntime/softboundcets.c and .h:

/*
 * One metadata record, four fields per tracked pointer. The type name
 * indicates it is the entry stored in the runtime's trie.
 *
 * base/bound feed the spatial dereference checks; key/lock feed the temporal
 * ones (the check routines in this runtime take exactly these values).
 * NOTE(review): presumably `bound` is one past the last valid byte and the
 * temporal check compares `key` with the value stored at `lock` -- confirm
 * against the check implementations in softboundcets.h.
 */
typedef struct {
  void *base;  /* start of the object the pointer may access */
  void *bound; /* end of the object the pointer may access */
  size_t key;  /* allocation identifier used by the temporal check */
  void *lock;  /* lock location used with `key` by the temporal check */
} __softboundcets_trie_entry_t;

A shadow stack:

  • void __softboundcets_allocate_shadow_stack_space(int num_pointer_args)
  • void* __softboundcets_load_base_shadow_stack(int arg_no)
  • void* __softboundcets_load_bound_shadow_stack(int arg_no)
  • the matching load functions for key and lock
  • the matching store functions for base, bound, key and lock
  • __softboundcets_stack_memory_allocation(void** ptr_lock, size_t* ptr_key)

Spatial (bound) and temporal (key/lock) checks:

  • void __softboundcets_spatial_call_dereference_check(void* base, void* bound, void* ptr)
  • void __softboundcets_spatial_load_dereference_check(void *base, void *bound, void *ptr, size_t size_of_type)
  • void __softboundcets_spatial_store_dereference_check(void *base, void *bound, void *ptr, size_t size_of_type)
  • void __softboundcets_memcopy_check_i64(char* ptr, char* ptr_base, char* ptr_bound, size_t size)
  • void __softboundcets_memcopy_check(char* dest, char* dest_base, char* dest_bound, char* src, char* src_base, char* src_bound, size_t size)
  • void __softboundcets_temporal_load_dereference_check(void* pointer_lock, size_t key,void* base, void* bound)
  • void __softboundcets_temporal_store_dereference_check(void* pointer_lock, size_t key,void* base, void* bound)

Metadata load/store:

  • void __softboundcets_metadata_store(void* addr_of_ptr, void* base, void* bound, size_t key, void* lock)
  • void __softboundcets_metadata_load(void* addr_of_ptr, void** base, void** bound, size_t* key, void** lock)

Memory allocation/deallocation:

  • void __softboundcets_memory_deallocation(void* ptr_lock, size_t ptr_key)

  • void* __softboundcets_allocate_lock_location()

  • void __softboundcets_allocation_secondary_trie_allocate_range(void* initial_ptr, size_t size)

  • void __softboundcets_allocation_secondary_trie_allocate(void* addr_of_ptr)

  • void __softboundcets_memory_allocation(void* ptr, void** ptr_lock, size_t* ptr_key)

  • void* __softboundcets_get_global_lock()

  • void __softboundcets_add_to_free_map(size_t ptr_key, void* ptr)

  • void __softboundcets_check_remove_from_free_map(size_t ptr_key, void* ptr)

    /*
     * Pass-through to mmap(2): all six arguments are forwarded unchanged and
     * the result is handed back untouched. Despite the "safe" prefix, no
     * argument validation or metadata bookkeeping happens here, so the caller
     * must test the result against MAP_FAILED (not NULL) before using it.
     * NOTE(review): presumably this exists so the runtime's own mappings do
     * not go through the instrumented allocation path -- confirm with callers.
     */
    void *__softboundcets_safe_mmap(void *addr, size_t length, int prot,
                                    int flags, int fd, off_t offset)
    {
        void *mapping = mmap(addr, length, prot, flags, fd, offset);
        return mapping;
    }
    
    /*
     * Pass-through to calloc(): returns zero-initialised storage for `nmemb`
     * elements of `size` bytes, or NULL on failure. The wrapper adds no
     * checks of its own; the caller must handle a NULL result.
     */
    void *__softboundcets_safe_calloc(size_t nmemb, size_t size)
    {
        void *block = calloc(nmemb, size);
        return block;
    }
    
    /*
     * Pass-through to malloc(): returns `size` bytes of uninitialised storage,
     * or NULL on failure. No bounds metadata is created and no extra checks
     * are performed here; the caller must handle a NULL result.
     */
    void *__softboundcets_safe_malloc(size_t size)
    {
        void *block = malloc(size);
        return block;
    }
    /*
     * Pass-through to free(). The wrapper performs no double-free or
     * ownership check and does not clear the caller's copy of the pointer;
     * `ptr` must be NULL or a live allocation from the matching allocator.
     */
    void __softboundcets_safe_free(void *ptr)
    {
        free(ptr);
    }

file: safecode/runtime/SoftBoundRuntime/softboundcets-wrappers.c:

__WEAK_INLINE void __softboundcets_read_shadow_stack_metadata_store(char** endptr, int arg_num)

__WEAK_INLINE void __softboundcets_propagate_metadata_shadow_stack_from(int from_argnum, int to_argnum)

__WEAK_INLINE void __softboundcets_store_null_return_metadata()

__WEAK_INLINE void __softboundcets_store_return_metadata(void* base, void* bound, size_t key, void* lock)

system wrappers

main library wrappers

math library wrappers

file library wrappers

unistd.h wrappers

string related wrappers

time related library wrappers

Created Jul 23, 2019 // Last Updated Oct 12, 2019

If you could revise
the fundamental principles of
computer system design
to improve security...

... what would you change?