Abstract
The CHERI capability architecture is designed to implement the principle of least privilege at the hardware level, enabling fine-grain compartmentalization of resources in memory.
Besides memory, capability-enhanced processors like the ARM Morello SoC rely on traditional ring-based isolation for instruction and register control.
However, previous works have demonstrated that exploiting access to system registers or privileged instructions can allow attackers to break or bypass the memory isolation.
Furthermore, ring-based isolation is too coarse-grain for software isolation that aims to enforce least privilege.
This paper presents CHERI Unchained, a novel CHERI ISA extension that allows explicit management of (non-memory) hardware resources through software-controlled capabilities.
Specifically, we introduce the new concept of control capabilities, which enforce the principle of least privilege by restricting access to instructions and registers while following CHERI’s overarching design goals of provenance, integrity, and monotonicity.
Our design enables fine-grain resource management for both pure-capability and legacy software.
Furthermore, CHERI Unchained has the potential to replace traditional ring-based protection entirely, thus reducing complexity while providing a higher degree of privilege control flexibility.
To demonstrate the feasibility of our design, we present a functional prototype based on the CHERI-QEMU simulator and evaluate the performance on the ARM Morello platform.
Extending generic software running on Morello with fine-grain hardware resource management incurs a worst-case performance overhead of 2.76%.
Additionally, we extensively analyze the security of all privilege-related mechanisms in our design, highlighting the flexibility of our generic approach.
Original language | English |
---|---|
Title | Proceedings of the 20th International Conference on Availability, Reliability and Security, ARES 2025 |
Publication status | Accepted/In press - 2025 |
Event | 20th International Conference on Availability, Reliability and Security, ARES 2025 - Ghent, Belgium, Duration: 11 Aug. 2025 → 14 Aug. 2025 |
Conference
Conference | 20th International Conference on Availability, Reliability and Security, ARES 2025 |
---|---|
Short title | ARES 2025 |
Country/Territory | Belgium |
City | Ghent |
Period | 11/08/25 → 14/08/25 |
Paper title: CHERI UNCHAINED: Generic Instruction and Register Control for CHERI Capabilities
Projects
- 1 Completed
- AWARE - Hardware-gewährleistete Softwaresicherheit (Hardware-assured software security)
Mangard, S. (Participant (Co-Investigator))
1/05/22 → 30/04/25
Project: Research project