Strict Provenance MVP #95241
Commits on Mar 30, 2022
Introduce experimental APIs for conforming to "strict provenance".
This patch series examines the question: how bad would it be if we adopted an extremely strict pointer provenance model that completely banished all int<->ptr casts? The key insight to making this approach even *vaguely* palatable is the ptr.with_addr(addr) -> ptr function, which takes a pointer and an address and creates a new pointer with that address and the provenance of the input pointer. In this way the "chain of custody" is completely and dynamically restored, making the model suitable even for dynamic checkers like CHERI and Miri. This is not a formal model, but lots of the docs discussing the model have been updated to try to convey the *concept* of this design in the hopes that it can be iterated on.
Commit 5167b68
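The tagged-pointer pattern that the `with_addr` operation described above is meant to make provenance-safe, as an added example that is not code from this PR: the `with_addr` function here is a polyfill with the assumed shape of the described operation (not rustc's or the standard library's implementation), and `Tagged`, `TAG_MASK` and `demo` are names chosen for this example.

```rust
const TAG_MASK: usize = 0b11;

// Polyfill of the `with_addr` operation the commit message describes (assumed shape,
// not the standard library's code): the result keeps `p`'s provenance because it is
// derived from `p` by a byte offset, never rebuilt from a bare integer.
fn with_addr<T>(p: *mut T, addr: usize) -> *mut T {
    // ptr -> int only observes the address; the direction the model bans is int -> ptr.
    let offset = (addr as isize).wrapping_sub(p as usize as isize);
    p.cast::<u8>().wrapping_offset(offset).cast::<T>()
}

/// A pointer that stores a small tag in its alignment bits without losing provenance.
struct Tagged<T> {
    raw: *mut T,
}

impl<T> Tagged<T> {
    fn new(p: *mut T, tag: usize) -> Self {
        assert!(std::mem::align_of::<T>() >= TAG_MASK + 1, "need two free low bits");
        assert!(tag <= TAG_MASK, "tag does not fit in the low bits");
        assert_eq!(p as usize & TAG_MASK, 0, "pointer must be aligned");
        // Same provenance as `p`, address with the tag bits set.
        Self { raw: with_addr(p, p as usize | tag) }
    }

    fn tag(&self) -> usize {
        self.raw as usize & TAG_MASK
    }

    /// Recover the untagged pointer; it is still derived from the original allocation,
    /// so a checker such as Miri or CHERI can verify the chain of custody.
    fn ptr(&self) -> *mut T {
        with_addr(self.raw, self.raw as usize & !TAG_MASK)
    }
}

/// Constructed demo: tag a pointer to a local, then write through the recovered pointer.
fn demo() -> (u32, usize) {
    let mut x: u32 = 41;
    let tagged = Tagged::new(&mut x as *mut u32, 0b10);
    // Sound because `tagged.ptr()` carries the provenance of `&mut x`.
    unsafe { *tagged.ptr() += 1 };
    (x, tagged.tag())
}

fn main() {
    println!("{:?}", demo()); // (42, 2)
}
```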
Make the stdlib largely conform to strict provenance.
Some things like the unwinders and system APIs are not fully conformant, this only covers a lot of low-hanging fruit.
Commit c7de289
Make some rustc code conform to strict provenance.
There's some really bad stuff around `ty` and pointer tagging stuff that was too much work to handle here.
Commit 6864360
Make some linux/unix APIs better conform to strict provenance.
This largely makes the stdlib conform to strict provenance on Ubuntu. Some hairier things have been left alone for now.
Commit 09395f6