Monday 12 October 2020

Security Analysis of CHERI ISA

The CHERI ISA extension provides memory-protection features which allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities.

we evaluate attacks against the pure-capability mode of CHERI since non-capability code in CHERI’s hybrid mode could be attacked as-is today. The CHERI system assessed for this research is the CheriBSD operating system running under QEMU as it is the largest CHERI adapted software available today