An emerging solution
The Capability Hardware Enhanced RISC Instructions(CHERI) provide a solution to memory access vulnerabilities, compartmentalization and control flow integrity without having to re-write all software.
CHERI has been primarily a research project until now! We recently proposed a CHERI extension for RISC-V in collaboration with the University of Cambridge and unveiled the first commercial implementation of CHERI-RISC-V: the X730 processor.
Features and benefits
Commercializing CHERI on an X730
The X730 is the first commercially licensable processor implementing CHERI-RISC-V. It is written using Codasip’s CodAL processor description language to maximize customization.
The baseline X730 microarchitecture is 64-bit and dual-issue. It has been extended to efficiently handle capabilities and implement CHERI’s new instructions and functions.
The register file, and some CSRs, are extended to 129 bits to accommodate capabilities. The memory system is extended to atomically handle capability tags while still using standard interfaces.
Most CHERI operations are implemented in the CCU including all safety checks. So every instruction is issued to the CCU along with another execution unit, like the Load/Store Unit for a store, and their outputs are combined when the instruction is committed.
The CHERI extension for RISC-V
Capabilities are CHERI’s beating heart! They are unforgeable tokens of authority that grant software the ability to perform a specific set of operations like load or store to memory.
Integer-based memory pointers are replaced with capabilities to protect memory. For example, the Program Counter is extended to be a capability (PCC) that grants permission to execute instructions from a constrained region of memory.