The ideal versus the real: Revisiting the history of virtual machines and containers

A Randal - ACM Computing Surveys (CSUR), 2020 - dl.acm.org
The common perception in both academic literature and industry today is that virtual
machines offer better security, whereas containers offer better performance. However, a …

CHERI: A hybrid capability-system architecture for scalable software compartmentalization

RNM Watson, J Woodruff, PG Neumann… - … IEEE Symposium on …, 2015 - ieeexplore.ieee.org
CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating
system to support fine-grained, capability-based memory protection to mitigate memory …

The CHERI capability model: Revisiting RISC in an age of risk

J Woodruff, RNM Watson, D Chisnall… - ACM SIGARCH …, 2014 - dl.acm.org
Motivated by contemporary security challenges, we reevaluate and refine capability-based
addressing for the RISC era. We present CHERI, a hybrid capability model that extends the …

Into the depths of C: elaborating the de facto standards

K Memarian, J Matthiesen, J Lingard, K Nienhuis… - ACM SIGPLAN …, 2016 - dl.acm.org
C remains central to our computing infrastructure. It is notionally defined by ISO standards,
but in reality the properties of C assumed by systems code and those implemented by …

Capability hardware enhanced RISC instructions: CHERI instruction-set architecture (version 7)

RNM Watson, PG Neumann, J Woodruff, M Roe… - 2019 - cl.cam.ac.uk
This technical report describes CHERI ISAv7, the seventh version of the Capability
Hardware Enhanced RISC Instructions (CHERI) Instruction-Set Architecture (ISA) being …

CHERI Concentrate: Practical compressed capabilities

J Woodruff, A Joannou, H Xia, A Fox… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
We present CHERI Concentrate, a new fat-pointer compression scheme applied to CHERI,
the most developed capability-pointer system at present. Capability fat pointers are a …

Beyond the PDP-11: Architectural support for a memory-safe C abstract machine

D Chisnall, C Rothwell, RNM Watson… - ACM SIGARCH …, 2015 - dl.acm.org
We propose a new memory-safe interpretation of the C abstract machine that provides
stronger protection to benefit security and debugging. Despite ambiguities in the …

FlexOS: towards flexible OS isolation

H Lefeuvre, VA Bădoiu, A Jung… - Proceedings of the 27th …, 2022 - dl.acm.org
At design time, modern operating systems are locked in a specific safety and isolation
strategy that mixes one or more hardware/software protection mechanisms (e.g. user/kernel …

StkTokens: Enforcing well-bracketed control flow and stack encapsulation using linear capabilities

L Skorstengaard, D Devriese, L Birkedal - Proceedings of the ACM on …, 2019 - dl.acm.org
We propose and study StkTokens: a new calling convention that provably enforces well-bracketed
control flow and local state encapsulation on a capability machine. The calling …

Capability Boehm: challenges and opportunities for garbage collection with capability hardware

D Jacob, J Singer - Proceedings of the 18th ACM SIGPLAN/SIGOPS …, 2022 - dl.acm.org
The Boehm-Demers-Weiser Garbage Collector (BDWGC) is a widely used, production-quality
memory management framework for C and C++ applications. In this work, we …