[return to "Arm releases experimental CHERI-enabled Morello board"]
1. DrBazz+3c 2022-01-20 12:49:25
>>zxombi+(OP)
> The CHERI memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities.

https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/

2. blueje+pz 2022-01-20 14:59:14
>>DrBazz+3c
My reading of that linked article on CHERI is two things. First, that software needs to adopt the instructions in order to use it. It then raises a question of what the benefit is. What is the experience compared to today? It should be that embedded software can gain some of the features that are generally reserved for user space. That’s virtual memory protection.

The experience then, I would guess, is that software will crash rather than, for example, read bad data from the wrong address space. A feature user space apps get from virtual memory (if it’s outside their process's memory space, that is).

Did I get this right? Also, it should help Rust just as much, especially in unsafe code regions.

3. _0w8t+IP 2022-01-20 16:07:19
>>blueje+pz
With a program split into multiple small compartments one does not need to crash the whole application on out-of-bound access. It will be enough to signal the parent compartment that one of its children performed an illegal operation.
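
The behaviour discussed in this thread (a bounded pointer that faults instead of reading adjacent data, with the fault reported to a parent compartment instead of ending the process), as an added example that is not part of the thread or of any CHERI code. It is a plain-C software model: `cap_t`, `comp_ctx_t`, `cap_load`, `child_echo` and `parent_call` are hypothetical names, and the buffer contents are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Software model only (hypothetical types): on CHERI hardware the capability
 * is a tagged register and the load instruction performs these checks. */
typedef struct { const uint8_t *base; size_t len; int tag; } cap_t;
typedef enum { COMP_OK, COMP_FAULT_TAG, COMP_FAULT_BOUNDS } comp_status_t;
typedef struct { comp_status_t fault; } comp_ctx_t;  /* per-compartment state */

/* Checked load: records a fault instead of reading outside [base, base+len). */
static int cap_load(comp_ctx_t *ctx, cap_t c, size_t off, uint8_t *out) {
    if (!c.tag) { ctx->fault = COMP_FAULT_TAG; return -1; }
    if (off >= c.len) { ctx->fault = COMP_FAULT_BOUNDS; return -1; }
    *out = c.base[off];
    return 0;
}

/* Child compartment with a bug: it trusts the caller-supplied length. */
static size_t child_echo(comp_ctx_t *ctx, cap_t req, size_t claimed_len,
                         uint8_t *reply, size_t reply_sz) {
    size_t i;
    for (i = 0; i < claimed_len && i < reply_sz; i++)
        if (cap_load(ctx, req, i, &reply[i]) != 0)
            break;  /* model of the trap: the child stops here */
    return i;
}

/* Parent compartment: hands the child a capability covering only the 4
 * request bytes, then inspects the fault status instead of crashing. */
comp_status_t parent_call(size_t claimed_len, uint8_t *reply, size_t reply_sz,
                          size_t *copied) {
    static uint8_t heap[32];
    memcpy(heap, "PING", 4);              /* constructed request */
    memcpy(heap + 4, "SECRET-KEY", 10);   /* constructed adjacent data */
    cap_t req = { heap, 4, 1 };
    comp_ctx_t ctx = { COMP_OK };
    *copied = child_echo(&ctx, req, claimed_len, reply, reply_sz);
    return ctx.fault;
}

int main(void) {
    uint8_t reply[32] = {0};
    size_t n;
    comp_status_t st = parent_call(14, reply, sizeof reply, &n);
    printf("status=%d copied=%zu reply=%.*s\n", st, n, (int)n, (const char *)reply);
    return 0;
}
```

With an unchecked `memcpy` the same over-long request would return the adjacent bytes; in the model the parent gets `COMP_FAULT_BOUNDS` and keeps running.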