
Cheri C/C++ Programming Guide: Capability Hardware Enhanced RISC Instructions [pdf] - cperciva
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-947.pdf
======
MaxBarraclough
Here's the CHERI project home-page, which may be more approachable than the
paper:

[https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/](https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/)

------
zvrba
People were already worried about cache effects of the transition of pointers from
32 to 64 bit, and this doubles the size again to 128 bits. Performance
implications are as yet unknown, but I wouldn't be surprised if it were
shown that a managed environment (.NET, JVM) outperforms C/C++ code adapted to
CHERI. The JVM already does pointer compression.

~~~
pjmlp
I guess the whole point is that while many security-conscious developers
would like to replace C and C++ with managed solutions, there are millions of
lines of code that will never be rewritten, especially those from POSIX
environments, so hardware mitigations like these seem to be the only good
solution going forward.

------
pjmlp
This is really the only way to tame C-like languages, short of some Safe C
variant (like MSR Checked C) ever gaining adoption outside research labs.

CHERI is a welcome addition to the SPARC ADI and ARM MTE efforts.

------
saagarjha
CHERI is quite interesting; I think it has the potential to actually usher in
architectural memory safety where other efforts have floundered. Given that I
hear Morello boards might be available fairly soon I’m curious if anyone has
done serious research on what kinds of practical attacks might still be
possible in this model. Perhaps we’ll see this once more specs come out?

~~~
pjmlp
I wouldn't consider Solaris SPARC ADI, or what Apple and Google are pursuing with
ARM, as floundered efforts; even though they aren't quite there, they are better than
plain old CPUs.

I also would like to see Checked C succeed where others have failed, but that
is probably wishful thinking.

------
boxfire
This could have used an earlier definition (as in IN THE ABSTRACT) of what the
CHERI system hopes to accomplish: a dialect for memory-safe pointer access and
other architectural capabilities built into pointers.

