CHERI Concentrate: Practical Compressed Capabilities
| Autor: | Alexandre Joannou, Khilan Gudka, Peter G. Neumann, David Chisnall, Robert M. Norton, A. Theodore Markettos, Jonathan Woodruff, Simon W. Moore, Nathaniel Wesley Filardo, Brooks Davis, Michael Roe, Robert N. M. Watson, Anthony Fox, Hongyan Xia |
|---|---|
| Přispěvatelé: | Xia, Hongyan [0000-0002-8047-899X], Norton-Wright, Robert [0000-0002-6095-6405], Moore, Simon [0000-0002-2806-495X], Apollo - University of Cambridge Repository |
| Rok vydání: | 2019 |
| Předmět: |
memory safety
Correctness business.industry Computer science Processor design Legacy system 02 engineering and technology Capabilities compression 020202 computer hardware & architecture Theoretical Computer Science Instruction set Uncompressed video Software Computational Theory and Mathematics Computer engineering Hardware and Architecture Pointer (computer programming) 0202 electrical engineering electronic engineering information engineering fat pointers computer architecture business |
| Popis: | We present CHERI Concentrate, a new fat-pointer compression scheme applied to CHERI, the most developed capability-pointer system at present. Capability fat pointers are a primary candidate to enforce fine-grained and non-bypassable security properties in future computer systems, although increased pointer size can severely affect performance. Thus, several proposals for capability compression have been suggested elsewhere that do not support legacy instruction sets, ignore features critical to the existing software base, and also introduce design inefficiencies to RISC-style processor pipelines. CHERI Concentrate improves on the state-of-the-art region-encoding efficiency, solves important pipeline problems, and eases semantic restrictions of compressed encoding, allowing it to protect a full legacy software stack. We present the first quantitative analysis of compiled capability code, which we use to guide the design of the encoding format. We analyze and extend logic from the open-source CHERI prototype processor design on FPGA to demonstrate encoding efficiency, minimize delay of pointer arithmetic, and eliminate additional load-to-use delay. To verify correctness of our proposed high-performance logic, we present a HOL4 machine-checked proof of the decode and pointer-modify operations. Finally, we measure a 50 to 75 percent reduction in L2 misses for many compiled C-language benchmarks running under a commodity operating system using compressed 128-bit and 64-bit formats, demonstrating both compatibility with and increased performance over the uncompressed, 256-bit format. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|