
Modifying capability handling in CHERI ISA extension

Hello! I am new to the CHERI project, and am trying to perform an experiment on how the capabilities are handled in the ISA. I have CheriBSD running in QEMU, and have successfully cross-compiled some C code to run on it and demonstrated to myself that CHERI blocked an out-of-bounds memory access. I would like to know where in the source code the ISA is being extended for this functionality. I've looked through the OS code, and it is of course mostly all FreeBSD. If someone could point me in the right direction, I would be very appreciative. Also, if this is not the place to ask about this, please let me know a more appropriate forum. Thank you!

  • Discussion is in https://github.com/CTSRD-CHERI/cheribsd/issues/1535, but to summarise, the OS does not perform the checks, the hardware does, so there is no code in CheriBSD to perform the capability checks. As you note it's a property of the ISA, which is not a part of an OS but the instruction set implemented by a piece of hardware.

    In the case of running on QEMU, the hardware is emulated like any other QEMU architecture, but that is not part of CheriBSD, it's part of QEMU.
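To illustrate the answer above, here is an added sketch (not code from CheriBSD, QEMU or this thread) of the kind of check a CHERI implementation or emulator applies to a load before it touches memory. The struct layout, names and the 64-byte `guest_mem` array are assumptions made for the example; real capabilities use a compressed bounds encoding.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model: real CHERI capabilities compress the bounds and keep the
   tag out of band. All names here are illustrative assumptions. */
typedef struct {
    bool     tag;      /* validity tag */
    bool     sealed;   /* sealed capabilities cannot be dereferenced */
    uint32_t perms;    /* permission bits */
    uint64_t base;     /* lowest address the capability may access */
    uint64_t top;      /* one past the highest accessible address */
    uint64_t address;  /* current pointer value */
} cap_t;

#define PERM_LOAD 0x1u
typedef enum { CAP_OK, CAP_TAG_FAULT, CAP_SEAL_FAULT,
               CAP_PERM_FAULT, CAP_BOUNDS_FAULT } cap_fault_t;

static uint8_t guest_mem[64];  /* constructed stand-in for guest memory */

/* The check an emulated load performs before it touches memory. */
cap_fault_t cap_check_load(const cap_t *c, uint64_t size)
{
    if (!c->tag)                 return CAP_TAG_FAULT;
    if (c->sealed)               return CAP_SEAL_FAULT;
    if (!(c->perms & PERM_LOAD)) return CAP_PERM_FAULT;
    if (c->address < c->base || c->address > c->top ||
        size > c->top - c->address)   /* overflow-safe upper bound test */
        return CAP_BOUNDS_FAULT;
    return CAP_OK;
}

/* Load one byte at base+offset through a capability covering guest_mem[16..32). */
cap_fault_t demo_load(uint64_t offset, bool tag, uint32_t perms, uint8_t *out)
{
    cap_t c = { tag, false, perms, 16, 32, 16 + offset };
    cap_fault_t f = cap_check_load(&c, 1);
    if (f != CAP_OK) return f;   /* hardware would raise an exception here */
    *out = guest_mem[c.address];
    return CAP_OK;
}

int main(void)
{
    uint8_t v = 0;
    printf("in bounds: %d\n", demo_load(15, true, PERM_LOAD, &v));
    printf("one past:  %d\n", demo_load(16, true, PERM_LOAD, &v));
    return 0;
}
```

The faulting cases never reach the memory access, which is why the operating system only sees the resulting exception and contains no bounds-checking code of its own.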
