The Morello hardware technology demonstrator (or Morello evaluation board) provides a SoC implementation of Arm's prototype architecture. It expands a 64-bit Armv8-A CPU with an experimental integration of CHERI (Capability Hardware Enhanced RISC Instructions). The platform was created to enable software developers and researchers to explore the benefits and challenges of the prototype architecture, providing valuable feedback to inform future development.
The software landscape, across which the Morello board allows experimentation and development, is vast. Ranging from foundational enablement in tooling and operating systems, through to security compliance testing and experimentation with workloads, managed languages and runtimes. Covering all these bases requires collaborative engineering engagement and relies on the joint efforts of a range of organizations with a common interest in exploring the prototype security architecture.
Arm's software contributions to Morello target various open-source projects. This work is brought together in a series of integrated software stacks targeting the Morello board and Morello Platform Model (FVP). A collaboration with Linaro, to provide development infrastructure, allows us to host this work in a series of public code repositories dedicated to Morello research. Most of the work will not be upstreamed as this is a prototype architecture.
The following diagram gives a high-level view of the software stacks and a starting point for discussing the status and roadmap of a range of activities. These stacks and the associated tooling are intended to enable collaboration on existing work and new work on alternate RTOS and OS environments, tools, and workloads. Arm's software teams will be continuing to explore and expand the application of Morello throughout the lifetime of the program, which runs until 2024.
Initial support for any platform requires the development of a firmware stack. The Morello firmware is based on a range of Open Source firmware projects (SCP, TF-A, EDK II) which perform initialization of SoC and board level IPs. This supports boot of higher level operating systems and bare-metal development environments. During the last quarter of 2021, teams inside Arm were working hard on silicon bringup and validation activities for the new Morello SoC. This includes additional firmware development and confirmation that key interfaces like DDR DRAM and PCIe were functional - allowing further testing with a range of operating systems and capability aware workloads.
Initial firmware images will be available in January 2022 to support organizations working with early prototype hardware. As boards start to become more widely available, the hardware platform will support the same range of software stacks developed for the existing Morello Fixed Virtual Platform (FVP) model.
Above the firmware, a range of factors relating to the specific aims of individual research projects will dictate which environment is best suited for development. CheriBSD is a FreeBSD derivative developed and maintained by the University of Cambridge. This benefits from a long history of CHERI-focused development across a range of computer architectures and provides strong memory protection for the kernel and user space. Scalable single-address-space software compartmentalization will also be supported. The CheriBSD port for the Morello board provides a mature environment for general research and user space experimentation.
However, most of commercial devices are based on Android and Linux, which is why Arm is focused on exploring the application of the Morello prototype architecture to these environments.
At the start of the Morello Program, work in Arm was focused on the development of an experimental Morello LLVM toolchain, drawing on earlier research at the University of Cambridge. Prebuilt toolchains are currently available to support both Android and Linux enablement for Morello, along with a bare-metal variant which includes a newlib library implementation.
Availability of this tooling allowed us to begin looking at the application of Morello to Android. A minimal (nano) headless Android (64-bit) profile environment, suitable for use with the FVP, was created. Into this environment, a pure-capability (purecap) variant of the Bionic C library was introduced, which allows user space workloads and services to be rebuilt as purecap applications. Several example ports are supplied with the current release, along with an analysis of a mitigation for a memory safety exploits in the libjpeg-turbo library. A full Android 11 (64-bit) environment, with the same evolving purecap support, will be available to support the Morello board. This will initially rely on software rendering (rather than using the hardware GPU) to support a UI and ties into a wider story around graphics support.
There is a long road ahead for potential areas of research and exploration on Android. This includes the evolution of Bionic (aligning with work in the Linux kernel) alongside investigations into how Morello might be applied to key components like ART & Zygote. The arrival of a hardware platform opens up new opportunities to begin investigating workload performance and the potential benefits of features like compartments.
The Morello board includes an implementation of Arm's Mali-G76 GPU and Mali-D35 display processor. An existing upstream kernel driver supports the latter. GPU support is based on the Panfrost open-source driver framework for Mali Bifrost GPU architectures, enabling public ecosystem development and avoiding reliance on proprietary drivers. Our aim is to validate an initial Morello platform port of a 64-bit Panfrost GPU driver in a Linux/Mesa graphics framework in the first half of 2022. This provides a foundation for Android graphics development and also supports longer term investigation into the application of the security architecture to graphics stacks.
Throughout 2022 and beyond, Arm's software teams will begin publishing work on the application of Morello to Linux environments. This will be supported by the development of additional GNU Morello GCC toolchain and glibc implementation.
The Linux kernel used in current Morello releases is lightly modified and relies on a user space (libshim) translation layer in C libraries to support a full set of system calls. This enables functional development & porting efforts in user space, but does not provide a secure implementation.
Efforts are now well underway to migrate functionality from libshim into the kernel. This is implemented as a new kernel-user interface (using capabilities, instead of 64-bit integer pointers) based on a PCuABI (pure-capability kernel-user ABI) specification. Work has started on the incremental introduction of functional support and, later in 2022, the implementation will start enforcing capabilities to provide memory safety at the kernel-user boundary. When linked with developments in associated C libraries (Bionic, Musl libc, Glibc) this ultimately enables Android and Linux environments to support a mix of purecap and “COMPAT” 64-bit user space components.
An initial prototype Linux development environment will be available to support the Morello board at launch. This is built using the existing Morello LLVM toolchain and includes a purecap musl libC port and applications integrated into a standard (64-bit) rootfs. A second software release in the first half of 2022 will provide a complete rootfs and transitional PCuABI kernel support. This involves introducing a Morello Kernel into a standard (64-bit) Debian distribution. An expanding purecap user space world can then gradually be built up inside a chroot. This approach mirrors the environment used to bootstrap Arm v-8A devices from a 32-bit to 64-bit world many years ago. Both Linux environments allow native (Arm on Arm) development on the Morello board.
You can find out more about Open Source software support for the Morello project by visiting the landing page. Collaboration and contributions are very welcome. We look forward to working with you.
Morello Platform Open Source Software
Website - Arm Morello Program
Blog - Creating the Morello Technology Demonstrator
Blog - Morello Research Program Hits Major Milestone with Hardware Now Available for Testing
Specification - Morello for A-profile Architecture supplement
Guide - Morello Prototype Architecture Overview Guide
Guide - Morello Development Platform and Software Getting Started Guide