Security Analysis of CHERI ISA
The CHERI ISA extension provides memory-protection
features which allow historically memory-unsafe programming languages such as C
and C++ to be adapted to provide strong, compatible, and efficient protection
against many currently widely exploited vulnerabilities.
We evaluate attacks against the
pure-capability mode of CHERI since non-capability code in CHERI’s hybrid mode
could be attacked as-is today. The CHERI system assessed for this research is
the CheriBSD operating system running under QEMU, as it is the largest
CHERI-adapted software available today.