Capability Hardware Enhanced RISC Instructions: Difference between revisions

CHERI implementations: Link Codasip, as it's the first place it's mentioned in the article. Copyedit a sentence.
Giraffe21 (talk | contribs)
m History: link to UKRI page
Line 52:
In 2019 CheriABI<ref>{{cite conference |author1=Brooks Davis |author2=Robert N. M. Watson |author3=Alexander Richardson |author4=Peter G. Neumann |author5=Simon W. Moore |author6=John Baldwin |author7=David Chisnall |author8=Jessica Clarke |author9=Nathaniel Wesley Filardo |author10=Khilan Gudka |author11=Alexandre Joannou |author12=Ben Laurie |author13=A. Theodore Markettos |author14=J. Edward Maste |author15=Alfredo Mazzinghi |author16=Edward Tomasz Napierala |author17=Robert M. Norton |author18=Michael Roe |author19=Peter Sewell |author20=Stacey Son |author21=Jonathan Woodruff |date=2019 |title=CheriABI: Enforcing Valid Pointer Provenance and Minimizing Pointer Privilege in the POSIX C Run-time Environment |book-title=Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '19) |publisher=Association for Computing Machinery |___location=New York, NY, USA |pages=379–393 |doi=10.1145/3297858.3304042 |url=https://doi.org/10.1145/3297858.3304042}}</ref> demonstrated a fully memory-safe implementation of POSIX, allowing existing desktop software to become memory safe with a single recompile.
 
By 2020 it became evident that software vendors were reluctant to port their software without hardware vendor support, while hardware vendors were unwilling to produce chips without sufficient customer demand. [[UK Research and Innovation]] (UKRI) launched the Digital Security by Design (DSbD) programme<ref name="dsbd">{{cite web |author=<!-- not stated --> |year=2020 |title=Digital security by design |url=https://www.ukri.org/what-we-do/browse-our-areas-of-investment-and-support/digital-security-by-design/ |access-date=18 January 2025 |publisher=UK Research and Innovation}}</ref> to address adoption barriers for CHERI. The programme allocated £70M, matched by £100M of industrial investment, to build the CHERI software ecosystem.<ref name="dsbd" />
 
This initiative funded Arm's Morello chip, a ''superset architecture'' designed to evaluate experimental CHERI features for potential production use based on [[AArch64]]. The Morello board was designed to run CheriBSD, as well as custom versions of Android and Linux. At the same time, the Cornucopia<ref>{{cite conference |author1=Nathaniel Wesley Filardo |author2=Brett F. Gutstein |author3=Jonathan Woodruff |author4=Sam Ainsworth |author5=Lucian Paul-Trifu |author6=Brooks Davis |author7=Hongyan Xia |author8=Edward Tomasz Napierala |author9=Alexander Richardson |author10=John Baldwin |author11=David Chisnall |author12=Jessica Clarke |author13=Khilan Gudka |author14=Alexandre Joannou |author15=A. Theodore Markettos |author16=Alfredo Mazzinghi |author17=Robert M. Norton |author18=Michael Roe |author19=Peter Sewell |author20=Stacey Son |author21=Timothy M. Jones |author22=Simon W. Moore |author23=Peter G. Neumann |author24=Robert N. M. Watson |title=Cornucopia: Temporal Safety for CHERI Heaps |book-title=Proceedings of the 41st IEEE Symposium on Security and Privacy (Oakland 2020) |___location=San Jose, CA, USA |date=18–20 May 2020 |url=https://www.cl.cam.ac.uk/research/security/ctsrd/pdfs/2020oakland-cornucopia.pdf |doi=10.1109/SP40000.2020.00098}}</ref> project demonstrated that CHERI could enforce both spatial and temporal memory safety, offering deterministic protection against heap object temporal aliasing (roughly, "use-after-free"). The follow-up project, Cornucopia Reloaded,<ref name="cornucopiareloaded" /> showcased efficient temporal safety using page-table features in Morello, in particular, near-negligible pause times for the application making use of revocation.
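Review bot: both {{cite conference}} templates in this hunk (the CheriABI reference in the 2019 paragraph and the Cornucopia reference in the Morello paragraph) use `|___location=`, which is not a parameter name the citation templates recognise, so the place of publication ("New York, NY, USA" and "San Jose, CA, USA") will not render; the parameter should read `|location=`. The `[[UK Research and Innovation]]` link named in the edit summary sits at the first mention of UKRI, directly before the abbreviation and the `dsbd` reference, which is the right place for it.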