Regions are types, types are policy, and other ramblings

Back to the list of Speakers and Sessions
Compilers and interpreters make use of *types* to ensure a degree of semantic sanity. I will describe how *types* can be used outside this narrow paradigm to apply policies across address spaces.

Semantically related objects often get grouped together in memory, and it is about time we take advantage of this in developing software hardening measures. Types can be naturally assigned to regions of memory in a flexible manner. Such types can form the basis of a practical and intelligible access control policy. This observation allowed me to retroactively harden an instance of the U-Boot bootloader, to model the bootloader's intentions and build an access control policy that mediated its behavior.

Typed region-based hardening measures can be applied to other kinds of software to not only protect against low-level memory vulnerabilities but also to help protect and address high-level logic-based attacks (i.e., instances of weird machines).