CHERI RISC-V: HW Extension for Conditional Capabilities

A technical paper titled “Mon CHÈRI <3 Adapting Capability Hardware Enhanced RISC with Conditional Capabilities” was published by researchers at Ericsson Security Research, Université Libre de Bruxelles, and KU Leuven.

Abstract:

“Up to 10% of memory-safety vulnerabilities in languages like C and C++ stem from uninitialized variables. This work addresses the prevalence and lack of adequate software mitigations for uninitialized memory issues, proposing architectural protections in hardware. Capability-based addressing, such as the University of Cambridge’s CHERI, mitigates many memory defects, including spatial and temporal safety violations at an architectural level. However, current CHERI designs do not handle undefined behavior from uninitialized variables. We extend the CHERI capability model to include “conditional capabilities”, enabling memory-access policies based on prior operations. This allows enforcement of policies that satisfy memory safety objectives such as “no reads to memory without at least one prior write” (Write-before-Read). We present our architecture extension, compiler support, and a detailed evaluation of our approach using the QEMU full-system simulator and our modified FPGA-based CHERI-RISCV softcore. Our evaluation shows Write-before-Read conditional capabilities are practical, with high detection accuracy while adding a small (~3.5%) overhead to the existing CHERI architecture.”

Find the technical paper here. Published July 2024 (preprint).

Gülmez, Merve, Håkan Englund, Jan Tobias Mühlberg, and Thomas Nyman. “Mon CHÈRI <3 Adapting Capability Hardware Enhanced RISC with Conditional Capabilities.” arXiv preprint arXiv:2407.08663 (2024).

Related Reading
Memory’s Future Hinges On Reliability
Robust implementations are a major issue, particularly as memory density increases.


