zlacker

[return to "Arm releases experimental CHERI-enabled Morello board"]
1. phkahl+Hu[view] [source] 2022-01-20 14:34:46
>>zxombi+(OP)
How does this compare to testing with address sanitizers?
◧◩
2. trasz+fC[view] [source] 2022-01-20 15:12:36
>>phkahl+Hu
Apart from some more interesting scenarios enabled by CHERI: you probably don’t want to run all your production software with address sanitizers, because it would be unacceptably slow. Here the performance overhead is negligible.
◧◩◪
3. phkahl+RB1[view] [source] 2022-01-20 19:39:41
>>trasz+fC
But maybe we can run sanitizers during testing and catch most of the issues CHERI will find without building it into hardware. OTOH that doesn't do anything to protect against malicious code, but that should be properly sandboxed anyway.
◧◩◪◨
4. jrtc27+dE1[view] [source] 2022-01-20 19:51:40
>>phkahl+RB1
You should indeed run sanitisers during testing and catch most of the issues; we encourage this! What CHERI provides is twofold:

1. Memory safety issues not found in testing do not lurk as exploitable vulnerabilities; testing is never perfect, often far from it when it comes to edge/unexpected cases where vulnerabilities lurk (though fuzzing can help somewhat)

2. Sandboxing still needs some kind of isolation primitive, which CHERI can provide in place of the heavyweight MMU-based techniques that exist today

Plus let's not kid ourselves that all software is being tested with sanitisers. The vast majority of software running on your system probably is not.

[go to top]