CHERI

Adversarial Examples: A great starting point! These exercises will introduce you to the concept of capabilities and how they can be used to protect against various security threats.

Troubleshooting

1) Mounting a Folder to QEMU: It is needed when you do cross-compiling! You can check this commit

Simply run in qemu:

mount_smbfs -I 10.0.2.4 -N //10.0.2.4/source_root /mnt

2) If running ~/cheri/cheribuild/cheribuild.py run-riscv64-purecap -d results in an error indicating that the -lsbuf library cannot be found, unset your SYSROOT.

You can use this script https://ctsrd-cheri.github.io/cheri-exercises/introduction/ccc.html. This script simplifies the compilation process for CHERI. You don’t need to set SYSROOT, or the others.

ccc riscv64-purecap print-pointer.c -o printpointer`

3) How to connect to running qemu? You can connect running qemu via ssh, find its IP address and port.

ssh root@127.0.0.1 -p portnumber

Learning how to CHERI compartmentalization work

Very well-done examples is here https://github.com/capablevms/cheri-examples/

Learning how CHERI capability works in the assembly level

GoBolt for CHERI https://cheri-compiler-explorer.cl.cam.ac.uk/

ARM morello specifications.. https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://documentation-service.arm.com/static/61e577e1b691546d37bd38a0%3Ftoken%3D&ved=2ahUKEwjzo8zMho-FAxWQGRAIHXT6C3sQFnoECBkQAQ&usg=AOvVaw1zlS2wusJLyYE6bP0ALowC