Post · bonfire.cafe

David Chisnall (*Now with 50% more sarcasm!*)

@david_chisnall@infosec.exchange · last week

Sealing is one of the most powerful abstractions in #CHERI systems, because a tiny bit of hardware lets you turn a lot of software-engineering boundaries into security boundaries. In this post, I discuss how we make extensive use of this low-level feature throughout the #CHERIoT platform:

CHERIoT Platform

How CHERIoT uses Sealing

Sealing is one of the oldest parts of CHERI and one of the most powerful. When I joined the project in 2012 it was integral to the early prototype call-gate mechanism. You can find this version in our 2014 tech report. It included CSealCode and CSealData instructions that assembled a pair of capabilities that could be used with the CCall instruction to perform a cross-compartment call. By our IEEE Security and Privacy 2015 paper, this had been replaced with the modern sealing mechanism that we use today.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0 no JS en

Automatic federation enabled