
Fast Protection-Domain Crossing in the CHERI Capability-System Architecture

Watson, RNM; Norton, RM; Woodruff, J; Moore, SW; Neumann, PG; Anderson, J; Chisnall, D; ... Vadera, M (2016) Fast Protection-Domain Crossing in the CHERI Capability-System Architecture. IEEE Micro, 36 (5) pp. 38-49. 10.1109/MM.2016.84. Green open access

File: Murdoch_Watson_et_al-2016-IEEE_Micro_Journal-AM.pdf (Accepted Version, 494kB)

Abstract

Capability Hardware Enhanced RISC Instructions (CHERI) supplement the conventional memory management unit (MMU) with instruction-set architecture (ISA) extensions that implement a capability system model in the address space. CHERI can also underpin a hardware-software object-capability model for scalable application compartmentalization that can mitigate broader classes of attack. This article describes ISA additions to CHERI that support fast protection-domain switching, not only in terms of low cycle count, but also efficient memory sharing with mutual distrust. The authors propose ISA support for sealed capabilities, hardware-assisted checking during protection-domain switching, a lightweight capability flow-control model, and fast register clearing, while retaining the flexibility of a software-defined protection-domain transition model. They validate this approach through a full-system experimental design, including ISA extensions, a field-programmable gate array prototype (implemented in Bluespec SystemVerilog), and a software stack including an OS (based on FreeBSD), compiler (based on LLVM), software compartmentalization model, and open-source applications.
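To make the four mechanisms the abstract names concrete, the following is an added, simplified software model written for this page; it is not code from the paper, the CHERI ISA specification or the CHERI project, and the structure layout, permission-bit names, helper names (cap_seal, cap_unseal, ccall_check, cap_store_allowed, clear_regs, domain_switch) and field widths are assumptions of the model rather than the real encoding. It shows sealing a code/data capability pair under an object type, the hardware-side check that a domain switch presents a matching sealed pair, the flow-control rule that a local capability can only be stored through a capability permitting local stores, and clearing of non-argument registers before the callee runs.

```c
/* Simplified model of CHERI sealed capabilities, CCall-style domain-crossing
 * checks, capability flow control and register clearing. Written for this
 * page as an illustration; names, layout and widths are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum {
    PERM_GLOBAL          = 1u << 0, /* may be stored anywhere ("local" if unset) */
    PERM_EXECUTE         = 1u << 1,
    PERM_LOAD            = 1u << 2,
    PERM_STORE           = 1u << 3,
    PERM_STORE_CAP       = 1u << 4, /* may store capabilities through it */
    PERM_STORE_LOCAL_CAP = 1u << 5, /* may store *local* capabilities */
    PERM_SEAL            = 1u << 6,
    PERM_UNSEAL          = 1u << 7,
};

typedef struct {
    bool     tag;     /* validity tag; false means "not a capability" */
    bool     sealed;  /* sealed caps are opaque: no deref, no field changes */
    uint64_t base, length, offset;
    uint32_t perms;
    uint32_t otype;   /* object type; meaningful only when sealed */
} cap_t;

static cap_t untagged(void) { cap_t c = {0}; return c; }
static bool  in_bounds(const cap_t *c) { return c->offset < c->length; }

/* CSeal model: seal `data` with the object type named by auth's cursor. */
cap_t cap_seal(cap_t data, cap_t auth) {
    if (!data.tag || !auth.tag || data.sealed || auth.sealed) return untagged();
    if (!(auth.perms & PERM_SEAL) || !in_bounds(&auth)) return untagged();
    data.sealed = true;
    data.otype  = (uint32_t)(auth.base + auth.offset);
    return data;
}

/* CUnseal model: only an authority whose cursor equals the otype may unseal. */
cap_t cap_unseal(cap_t c, cap_t auth) {
    if (!c.tag || !auth.tag || !c.sealed || auth.sealed) return untagged();
    if (!(auth.perms & PERM_UNSEAL) || !in_bounds(&auth)) return untagged();
    if ((uint32_t)(auth.base + auth.offset) != c.otype) return untagged();
    c.sealed = false;
    c.otype  = 0;
    return c;
}

/* Hardware-side domain-switch check: a sealed code/data pair whose object
 * types match, where only the code half is executable. */
bool ccall_check(cap_t code, cap_t data) {
    return code.tag && data.tag && code.sealed && data.sealed &&
           code.otype == data.otype &&
           (code.perms & PERM_EXECUTE) && !(data.perms & PERM_EXECUTE);
}

/* Flow control: may capability `val` be stored through `via`? A local
 * (non-global) capability needs PERM_STORE_LOCAL_CAP on `via`, so a
 * stack-derived capability cannot be parked in shared heap memory. */
bool cap_store_allowed(cap_t via, cap_t val) {
    if (!via.tag || via.sealed || !(via.perms & PERM_STORE)) return false;
    if (!val.tag) return true;                   /* plain data always stores */
    if (!(via.perms & PERM_STORE_CAP)) return false;
    if (!(val.perms & PERM_GLOBAL) && !(via.perms & PERM_STORE_LOCAL_CAP))
        return false;
    return true;
}

/* Register clearing: invalidate every capability register not in keep_mask
 * (the argument registers), so the callee cannot harvest caller capabilities. */
size_t clear_regs(cap_t regs[], size_t n, uint32_t keep_mask) {
    size_t cleared = 0;
    for (size_t i = 0; i < n; i++)
        if (!(keep_mask & (1u << i))) { regs[i] = untagged(); cleared++; }
    return cleared;
}

/* Trusted switcher: run the pair check, unseal with the switcher's own
 * authority, clear non-argument registers and return the callee's unsealed
 * data capability (untagged on any failure). */
cap_t domain_switch(cap_t code, cap_t data, cap_t switcher_auth,
                    cap_t regs[], size_t n, uint32_t arg_mask) {
    if (!ccall_check(code, data)) return untagged();
    cap_t ucode = cap_unseal(code, switcher_auth);
    cap_t udata = cap_unseal(data, switcher_auth);
    if (!ucode.tag || !udata.tag) return untagged();
    clear_regs(regs, n, arg_mask);
    return udata;
}

int main(void) {
    /* Constructed example: authority with cursor 0x1005 names otype 0x1005. */
    cap_t auth = { .tag = true, .base = 0x1000, .length = 16, .offset = 5,
                   .perms = PERM_SEAL | PERM_UNSEAL };
    cap_t code = { .tag = true, .base = 0x4000, .length = 0x100,
                   .perms = PERM_EXECUTE | PERM_LOAD | PERM_GLOBAL };
    cap_t data = { .tag = true, .base = 0x8000, .length = 0x40,
                   .perms = PERM_LOAD | PERM_STORE | PERM_GLOBAL };
    cap_t regs[4] = { code, data, auth, auth };
    cap_t idc = domain_switch(cap_seal(code, auth), cap_seal(data, auth),
                              auth, regs, 4, 0x3);
    printf("switch %s; regs[2] tag=%d\n", idc.tag ? "ok" : "rejected", regs[2].tag);
    return idc.tag ? 0 : 1;
}
```

The two hardware checks worth noting: a caller that forges a data capability sealed under a different object type fails ccall_check before any software runs, and a caller that tries to leave a local capability in a callee-reachable heap buffer is stopped at the store rather than at the domain boundary.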

Type: Article
Title: Fast Protection-Domain Crossing in the CHERI Capability-System Architecture
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/MM.2016.84
Publisher version: http://dx.doi.org/10.1109/MM.2016.84
Language: English
Additional information: © 1981-2012 IEEE. Copyright © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Keywords: Memory management, Systems modeling, Reduced instruction set computing, Program processors, Capability engineering, capabilities, memory management unit, instruction set architecture, ISA, processor, security, memory protection, capability, CHERI, hardware, software, compartmentalization, vulnerability mitigation, capability system
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/1531757