Explore the implications of allowing application code to perform general capability sealing in CHERI through this 17-minute conference talk. Delve into the interaction between sealed capabilities and memory allocators, examining both explicit malloc-style allocators and automated garbage collection regimes. Discover why memory allocators must be aware of sealed capabilities and trace reference graphs through them to prevent runtime memory errors such as space leaks and dangling pointers. Learn about a proposed augmented allocator API for tracking capability seal operations and gain insights into a prototypical implementation. Understand the potential benefits of using sealed capabilities for secure data exchange between untrusted code components through illustrative scenarios presented by Jeremy Singer at the ACM SIGPLAN POCL'24 event.
Sealed with a Library Call: Memory Allocators Should Track Capability Seal Operations - POCL'24
ACM SIGPLAN via YouTube