Preserving Memory Safety in Safe Rust during Interactions with Unsafe Languages

Technical Report | Accession Number: AD1188941

Abstract:

Rust is a programming language that simultaneously offers high performance and strong security guarantees. However, these guarantees come at the cost of strict compiler checks that sometimes prevent necessary code patterns. The unsafe keyword allows developers to bypass these compiler checks, and is used in both pure Rust and mixed-language applications. But the use of unsafe undermines the security guarantees of Rust that make it an attractive option in the first place. We first demonstrate that within a real-world pure Rust application, many uses of unsafe can be eliminated, or reduced to formally verifiable standard libraries. We then present Galeed, a system for isolating and protecting the Rust heap from access by other programming languages using Intel's Memory Protection Key (MPK) technology. We demonstrate both the effectiveness and efficiency of Galeed on Firefox, a web browser written in Rust and C++.

Distribution Code:
A - Approved For Public Release
Distribution Statement: Public Release

Collection: TRECMS