/ Ideas / Control flow analysis for privilege separation

This is an idea proposed in 2011 as a good starter project, and has been completed by Chris Harding and Ross McIlroy. It was supervised by Anil Madhavapeddy and Robert M Watson as part of my Unikernels project.

Summary

In the summer of 2011, we hosted Chris Harding and Ross McIlroy for an internship in the Computer Lab, working just as the CTSRD/SOAAP project kicked off.

CFG of OpenBSD's syslogd (full graph)

Ross McIlroy built a tool called privgrind, a Valgrind-based tool that tracks, for every data address touched, the list of functions that wrote to or read from that address and how many bytes they wrote or read. Chris Harding then built a visualiser for this output, privsep-visualiser, which renders the complex control flow graph that results; the graph was intended to serve as a guideline for future compartmentalisation work.
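To make the idea concrete, here is an added example (not privgrind's or privsep-visualiser's own code, and not from the original page) of the analysis step that sits between the two tools: given per-function read/write records of the kind privgrind collects, derive which functions exchange data through shared memory and how many bytes cross each such link, then score a hypothesised split into compartments by the bytes that would have to cross the boundary. The trace format, the `Access` record, the function names and the `TRACE` data are all constructed for illustration; privgrind's real output format is not described on this page. Python is used because this is an offline analysis over a trace rather than part of the Valgrind tool itself.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Access:
    """One memory access as a privgrind-style tool might record it (constructed format)."""
    func: str    # function performing the access
    addr: int    # data address touched
    size: int    # number of bytes read or written
    write: bool  # True for a write, False for a read


# Constructed trace in the spirit of a syslogd-like daemon; not a real privgrind run.
TRACE = [
    Access("privsep_read_config", 0x1000, 64, True),  # privileged side fills config
    Access("main", 0x1000, 64, False),                 # main reads the config
    Access("logmsg", 0x1000, 16, False),               # logmsg reads part of it
    Access("recv_socket", 0x2000, 512, True),          # raw network input buffer
    Access("parse_line", 0x2000, 512, False),          # parser consumes the buffer
    Access("parse_line", 0x3000, 128, True),           # parser emits a message
    Access("logmsg", 0x3000, 128, False),
    Access("fprintlog", 0x3000, 128, False),
    Access("fprintlog", 0x4000, 8, True),              # private scratch: written and
    Access("fprintlog", 0x4000, 8, False),             # read by the same function only
]


def data_flow_edges(trace):
    """Return {(writer, reader): bytes} for each address written by one function
    and read by a different one; bytes counts what the reader consumed there."""
    writers = defaultdict(lambda: defaultdict(int))  # addr -> func -> bytes written
    readers = defaultdict(lambda: defaultdict(int))  # addr -> func -> bytes read
    for a in trace:
        (writers if a.write else readers)[a.addr][a.func] += a.size
    edges = defaultdict(int)
    for addr, wfuncs in writers.items():
        for w in wfuncs:
            for r, rbytes in readers.get(addr, {}).items():
                if r != w:  # purely local data creates no inter-function link
                    edges[(w, r)] += rbytes
    return dict(edges)


def cut_cost(edges, compartment_of, default="main"):
    """Bytes that would cross compartment boundaries under a proposed assignment
    of functions to compartments; unassigned functions fall into `default`."""
    return sum(
        n for (w, r), n in edges.items()
        if compartment_of.get(w, default) != compartment_of.get(r, default)
    )


def to_dot(edges):
    """Render the data-flow graph in Graphviz DOT for a visualiser to draw."""
    lines = ["digraph privsep {"]
    for (w, r), n in sorted(edges.items()):
        lines.append(f'  "{w}" -> "{r}" [label="{n} B"];')
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    edges = data_flow_edges(TRACE)
    print(to_dot(edges))
    # Hypothesis A: isolate the network-facing reader and parser together.
    net = {"recv_socket": "net", "parse_line": "net"}
    # Hypothesis B: isolate only the socket reader, keep the parser privileged.
    sock_only = {"recv_socket": "net"}
    print("hypothesis A crosses", cut_cost(edges, net), "bytes")
    print("hypothesis B crosses", cut_cost(edges, sock_only), "bytes")
```

Under the constructed trace, isolating the socket reader and parser together moves only the parsed messages across the boundary, whereas isolating the socket reader alone forces the whole raw buffer across; comparing such scores is how a graph like the one above becomes a guideline for where to place a privilege boundary.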

The results of this work were only partly written up, despite being very cool (we all got busy with other projects). There is a workshop paper, Exploring Compartmentalisation Hypotheses with SOAAP, which covers some of the work, and the wider CHERI/CTSRD project has done plenty more since.

Related Ideas