This is an idea proposed in 2011 as a good starter project, and it has been completed by Chris Harding and Ross McIlroy. It was co-supervised with Robert M Watson.
In the summer of 2011, we hosted Chris Harding and Ross McIlroy for an
internship in the Computer Lab, just as the CTSRD/SOAAP project kicked off.
Ross McIlroy built a tool called privgrind, using Valgrind, that tracks,
for every data address touched, the list of functions that wrote to or read from
the address and how much they wrote or read. Chris Harding then built a
visualiser for this, privsep-visualiser, that output the complex control flow
graph that results, which would then form a guideline for future
compartmentalisation activities.
CFG of OpenBSD's syslogd
The results of this work only got partly written up, despite being very cool
(we all got busy with other projects). There is a workshop paper on Exploring Compartmentalisation Hypotheses with SOAAP
which covers some of the work, and the wider CHERI/CTSRD project has done plenty
more since.
1st Aug 2011 • compiler, kernel, security, systems