CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization

Abstract—CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating system to support fine-grained, capability-based memory protection to mitigate memory-related vulnerabilities in C-language TCBs. We describe how CHERI capabilities can also underpin a hardware-software object-capability model for application compartmentalization that can mitigate broader classes of attack. Prototyped as an extension to the open-source 64-bit BERI RISC FPGA soft-core processor, FreeBSD operating system, and LLVM compiler, we demonstrate multiple orders-of-magnitude improvement in scalability, simplified programmability, and resulting tangible security benefits as compared to compartmentalization based on pure Memory-Management Unit (MMU) designs. We evaluate incrementally deployable CHERI-based compartmentalization using several real-world UNIX libraries and applications.
