Codasip, the RISC-V Custom Compute specialist, has announced the first commercial implementation of CHERI (Capability Hardware Enhanced RISC Instructions
Very little information about this. Can’t even tell if it is going to be 32-bit or 64-bit.
There have been open source cores for running on FPGAs available for some time. Most work seem to have been for 64-bit, so this seems likely.
A “capability” (in this context) is a pointer with bounds and access rights built in. Memory tagging in hardware makes capabilities unforgeable.
Cheri/RISC-V allows for multiple models: Full, hybrid and legacy. In the full model, capabilities and Cheri instructions are used instead of pointers and normal instructions — and buffer overflows are impossible.
In hybrid models, capabilities are used to protect certain resources, or used for compartmentalisation within a program (cap inside legacy, or legacy inside cap).
The downside is that a stored capability is twice as large as a normal pointer. 128 bits on 64-bit systems and 64 bits on 32-bit systems … despite bounds being “compressed” using a floating-point like encoding to have larger granularity the larger they are.
Very little information about this. Can’t even tell if it is going to be 32-bit or 64-bit.
There have been open source cores for running on FPGAs available for some time. Most work seem to have been for 64-bit, so this seems likely.
A “capability” (in this context) is a pointer with bounds and access rights built in. Memory tagging in hardware makes capabilities unforgeable. Cheri/RISC-V allows for multiple models: Full, hybrid and legacy. In the full model, capabilities and Cheri instructions are used instead of pointers and normal instructions — and buffer overflows are impossible. In hybrid models, capabilities are used to protect certain resources, or used for compartmentalisation within a program (cap inside legacy, or legacy inside cap). The downside is that a stored capability is twice as large as a normal pointer. 128 bits on 64-bit systems and 64 bits on 32-bit systems … despite bounds being “compressed” using a floating-point like encoding to have larger granularity the larger they are.
Wow. I remember seeing something like this in description of ELBRUS architecture.
Interesting. Thank you.