Title
Position Paper: Progressive Memory Safety for WebAssembly
Abstract
WebAssembly (Wasm) is a low-level platform-independent bytecode language. Today, developers can compile C/C++ to Wasm and run it everywhere, at almost native speeds. Unfortunately, this compilation from C/C++ to Wasm also preserves classic memory safety vulnerabilities, such as buffer overflows and use-after-frees. New processor features (e.g., tagged memory, pointer authentication, and fine grain capabilities) are making it increasingly possible to detect, mitigate, and prevent such vulnerabilities with low overhead. Unfortunately, Wasm JITs and compilers cannot exploit these features. Critical high-level information---e.g., the size of an array---is lost when lowering to Wasm. We present MS-Wasm, an extension to Wasm that bridges this gap by allowing developers to capture low-level C/C++ memory semantics such as pointers and memory allocation in Wasm, at compile time. At deployment time, Wasm compilers and JITs can leverage these added semantics to enforce different models of memory safety depending on user preferences and what hardware is available on the target platform. This way, MS-Wasm offers a range of security-performance trade-offs, and enables users to move to progressively stronger models of memory safety as hardware evolves.
Year: 2019
DOI: 10.1145/3337167.3337171
Venue: Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy
Keywords: Wasm, WebAssembly, memory safety, tagged memory
Field: Pointer (computer programming), Memory safety, Computer science, Compile time, Compiler, Memory management, Memory semantics, Bytecode, Operating system, Buffer overflow
DocType: Conference
ISBN: 978-1-4503-7226-8
Citations: 3
PageRank: 0.46
References: 0
Authors: 6
Name | Order | Citations | PageRank
Craig Disselkoen | 1 | 20 | 4.15
John Renner | 2 | 3 | 0.46
Conrad Watt | 3 | 11 | 2.26
Tal Garfinkel | 4 | 2008 | 171.66
Amit Levy | 5 | 3 | 0.80
Deian Stefan | 6 | 418 | 29.21