CheriABI: enforcing valid pointer provenance and minimizing pointer privilege in the POSIX C run-time environment
The Morning Paper
MAY 27, 2019
abstract capabilities are constructed only through legitimate provenance chains of operations, successively reducing permissions from initial maximally permissive capabilities provided at machine reset. The MIPS rows show the test suite results on a standard mips64 system.