You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our proposed secure switcher implementation [1] has a potential flaw, as observed by @jacobbramleyhere. We are storing some capabilities within a space that the compartment we are switching into has access [2]. It should be possible to retrieve these capabilities from within this compartment.
The solution would be to store these before switching the DDC. Which would mean the switcher itself needs to have a scratch space as well.
Our proposed secure switcher implementation [1] has a potential flaw, as observed by @jacobbramley here. We are storing some capabilities within a space that the compartment we are switching into has access [2]. It should be possible to retrieve these capabilities from within this compartment.
The solution would be to store these before switching the DDC. Which would mean the switcher itself needs to have a scratch space as well.
[1] https://github.com/capablevms/cheri-examples/tree/master/hybrid/compartment_examples/inter_comp_call/secure
[2]https://github.com/capablevms/cheri-examples/blob/master/hybrid/compartment_examples/inter_comp_call/secure/switch_compartment.s#L35-L40
The text was updated successfully, but these errors were encountered: