CHERI with a Linux on Top
6 hours ago
- #Linux
- #CHERI
- #Security
- CHERI (Capability Hardware Enhanced RISC Instructions) extends instruction-set architectures to improve system security by adding support for capabilities.
- Capabilities are unforgeable, transferable tokens that authorize the use of an object, combining a reference with access rights.
- CHERI provides memory safety for languages like C and C++ and offers fine-grained compartmentalization, down to the byte level.
- The project started 15 years ago by Cambridge University and SRI International, funded by DARPA, and is now led by the CHERI Alliance.
- Linux has been ported to run on CHERI, with the 6.16 kernel running in purecap mode, where every pointer is a capability.
- CHERI can help with MMU-less systems by providing hardware-enforced isolation, though it doesn't handle address translation.
- Performance overhead for CHERI is minimal, with less than 5% silicon area increase and similar clock speeds compared to non-CHERI CPUs.
- Future work includes compartmentalizing kernel modules and supporting BPF in user space, leveraging CHERI's security features.