Abstract / Description of output
Contemporary CPU architectures conflate virtualization and protection, imposing virtualization-related performance, programmability, and debuggability penalties on software requiring finegrained protection. First observed in micro kernel research, these problems are increasingly apparent in recent attempts to mitigate software vulnerabilities through application compartmentalisation. Capability Hardware Enhanced RISC Instructions (CHERI) extend RISC ISAs to support greater software compartmentalisation. CHERI’s hybrid capability model provides fine-grained compartmentalisation within address spaces while maintaining software backward compatibility, which will allow the incremental deployment of fine-grained compartmentalisation in both our most trusted and least trustworthy C-language software stacks. We have implemented a 64-bit MIPS research soft core, BERI, as well as a capability coprocessor, and begun adapting commodity software packages (FreeBSD and Chromium) to execute on the platform.
Original language | English |
---|---|
Number of pages | 8 |
Publication status | Published - 3 Mar 2012 |
Event | Runtime Environments, Systems, Layering and Virtualized Environments (RESoLVE) 2012 - London, United Kingdom Duration: 3 Mar 2012 → 3 Mar 2012 Conference number: 2 http://www.dcs.gla.ac.uk/conferences/resolve12/index.html |
Workshop
Workshop | Runtime Environments, Systems, Layering and Virtualized Environments (RESoLVE) 2012 |
---|---|
Abbreviated title | RESoLVE 2012 |
Country/Territory | United Kingdom |
City | London |
Period | 3/03/12 → 3/03/12 |
Internet address |