Capability machines provide security guarantees at machine level which makes them an interesting target for secure compilation schemes that provably enforce properties such as control-flow correctness and encapsulation of local state. We provide a formalization of a representative capability machine with local capabilities and study a novel calling convention. We provide a logical relation that semantically captures the guarantees provided by the hardware (a form of capability safety) and use it to prove control-flow correctness and encapsulation of local state. The logical relation is not specific to our calling convention and can be used to reason about arbitrary programs.
Original languageEnglish
Article number5
Pages (from-to)5:1-5:53
Number of pages53
JournalACM Trans. Program. Lang. Syst.
Issue number1
Publication statusPublished - 1 Dec 2019

    Research areas

  • well-bracketed control flow, CHERI, logical relations, stack encapsulation, local capabilities, secure compilation, Capability machines

ID: 49076440