Arm has announced availability of a system-on-chip (SoC) and demonstrator board containing the first example of its Morello prototype, based on the CHERI architecture that defines hardware capabilities to provide a fundamentally more secure building block for software.
The Morello prototype boards are now being released and are ready for software developers and security specialists to start using the Morello architecture to demonstrate enhanced security that can be achieved with hardware capabilities. The Arm Morello program is a research program led by Arm to create a more secure hardware architecture for processors of the future. Its architectural extensions are based on Arm’s work with the University of Cambridge since 2015 on the CHERI (Capability Hardware Enhanced RISC Instructions) protection model.
The Morello program aims to assess the viability of the Morello board, a prototype hardware system on chip (SoC) employing unique extensions to the conventional Arm hardware instruction set that significantly improve device security. The Morello board serves as a real-world test platform for the deployment of more secure hardware architecture in processors of the future.
CHERI: memory protection and scalable software compartmentalization
CHERI is a joint research project of SRI International and the University of Cambridge to revisit fundamental design choices in hardware and software to dramatically improve system security. It has been supported by the DARPA CRASH, MRC, and SSITH programs since 2010, as well as other DARPA research and transition funding. Since 2019, development of Arm’s experimental CHERI-enabled Morello processor, SoC, and board has been supported by the U.K. government’s research and innovation agency, UKRI.
CHERI extends conventional hardware instruction set architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalization. Its memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities. Its scalable compartmentalization features enable the fine-grained decomposition of operating system (OS) and application code, to limit the effects of security vulnerabilities in ways that are not supported by current architectures.
As a hybrid capability architecture, CHERI blends architectural capabilities with conventional MMU-based architectures and microarchitectures, and with conventional software stacks based on virtual memory and C/C++. This approach allows incremental deployment within existing software ecosystems, which the CHERI project has demonstrated through extensive hardware and software prototyping.
As Microsoft explains in a blog, unlike many other proposed memory-safety technologies, CHERI (by design) does not depend on secrets. This means that it deterministically mitigates vulnerability classes, rather than giving a high probability of detecting them. Probabilistic mitigations have not historically proven durable, because attackers find ways of leaking the secrets and turning low-probability attacks into high-probability attacks. An attacker can bypass any mitigation that depends on secrets by leaking the secret, and may be able to bypass it with high probability if they can reduce the entropy of the secret. The deterministic aspect of CHERI also means that it can be used as a building block for higher-level security abstractions.
In CHERI, every load or store instruction and every instruction fetch must be authorized by an architectural capability. Load and store instructions take a capability as the base instead of an integer address. The capability both identifies an address and grants access to a range of memory (including permissions, such as read, write, or execute). The ISA provides operations for restricting the rights on a capability (for example, reducing the bounds or removing permissions) but there is no mechanism for increasing the rights without starting from a more powerful capability (capability monotonicity). This includes storing capabilities to memory, where they are protected by a (non-addressable) tag bit and any attempt to overwrite part or all of a capability in memory clears the tag bit and invalidates the capability.
CHERI permissions compose with the MMU. The rights granted by a capability are relative to an address space and subject to process and VM isolation in addition to the CHERI restrictions.
CHERI does not directly implement temporal safety in the architecture. It does provide the architectural building blocks required for a software implementation. Specifically, software can use the tag bit to accurately identify every pointer in memory and can rely on the monotonicity guarantees to ensure that every pointer can be mapped to the allocation that it was created to point to.
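As an added teaching model (not the page's, Arm's or the CHERI project's code, and not the real ISA encoding), the following Python sketches the rules described above: every access is authorized by a capability, rights can only be restricted, and a stored capability is protected by a non-addressable tag that any partial overwrite clears. The 16-byte encoding, the `restrict`/`offset` method names and the in-model fault on an attempt to increase rights are assumptions of the model.

```python
import struct
from dataclasses import astuple, dataclass, replace

PERM_LOAD, PERM_STORE, PERM_EXECUTE = 1, 2, 4
CAP_SIZE = 16        # model assumption: a stored capability fills one 16-byte tagged granule
CAP_FMT = "<IIIHxx"  # model encoding: base, length, addr, perms packed into those 16 bytes

class CapabilityFault(Exception):
    pass  # in hardware the offending instruction traps instead of completing

@dataclass(frozen=True)
class Capability:
    base: int         # authorized range is [base, base + length)
    length: int
    addr: int         # current pointer value; it may stray out of bounds, an access may not
    perms: int        # bitmask of PERM_*
    tag: bool = True  # validity tag; an untagged capability authorizes nothing

    def restrict(self, base, length, perms):  # monotonic: shrink bounds, drop permissions
        if base < self.base or base + length > self.base + self.length or perms & ~self.perms:
            raise CapabilityFault("rights can only be reduced, never increased")
        return replace(self, base=base, length=length, addr=base, perms=perms)

    def offset(self, delta):  # pointer arithmetic moves addr, never bounds or perms
        return replace(self, addr=self.addr + delta)

    def authorize(self, perm, size):  # checked on every load and store
        in_bounds = self.base <= self.addr and self.addr + size <= self.base + self.length
        if not (self.tag and self.perms & perm and in_bounds):
            raise CapabilityFault("untagged, permission missing, or out of bounds")

class TaggedMemory:  # byte memory plus one non-addressable tag bit per 16-byte granule
    def __init__(self, size):
        self.data, self.tags = bytearray(size), bytearray(size // CAP_SIZE)

    def store_bytes(self, cap, payload):  # data store: every touched granule loses its tag
        cap.authorize(PERM_STORE, len(payload))
        self.data[cap.addr:cap.addr + len(payload)] = payload
        for g in range(cap.addr // CAP_SIZE, (cap.addr + len(payload) - 1) // CAP_SIZE + 1):
            self.tags[g] = 0

    def store_cap(self, cap, value):  # granule-aligned capability store: 16 bytes plus tag
        cap.authorize(PERM_STORE, CAP_SIZE)
        self.data[cap.addr:cap.addr + CAP_SIZE] = struct.pack(CAP_FMT, *astuple(value)[:4])
        self.tags[cap.addr // CAP_SIZE] = int(value.tag)

    def load_cap(self, cap):  # the bits come back, but validity comes only from the tag
        cap.authorize(PERM_LOAD, CAP_SIZE)
        fields = struct.unpack(CAP_FMT, self.data[cap.addr:cap.addr + CAP_SIZE])
        return Capability(*fields, tag=bool(self.tags[cap.addr // CAP_SIZE]))
```

Walking a derived buffer capability one byte past its end, or writing a single data byte over a stored capability, produces a `CapabilityFault` on the next authorized access; this is the behaviour a fault-tolerant C program on CHERI would see as a trap rather than a silent corruption.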
Mitigating memory safety vulnerabilities
Used in the Arm Morello program, CHERI architectural extensions are designed to mitigate memory safety vulnerabilities – software defects that are exploited by hackers to take control of a device or system – at a hardware level. CHERI augments pointers—the variables in computer code that reference where data is stored in memory—with limits on how those references can be used: the address ranges they may access and the kinds of access they may perform.
These “hardware capabilities” are unique to the processor architecture. Once baked into silicon, they cannot be forged in software. Use of these capabilities in place of some or all of the memory addresses can improve the spatial memory safety of software, particularly software written in C or C++.
Compartmentalization isolates code
These capabilities can also be used as a building block to allow the enforcement of much stronger temporal memory safety with potentially far lower overheads than current approaches to partitioning. This ‘compartmentalization’ isolates different parts of critical code into individual ‘walled’ areas. Code operating within one compartment has no access to any other area. This means that even if an attacker breaches one piece of the code or data, they are trapped within that one small zone.
These hardware capabilities will be fundamental in designing future devices that are hugely resilient to memory corruption vulnerabilities and other forms of software-based exploitation.
The limited-edition boards now available from Arm are based on the Morello prototype architecture embedded into an Armv8.2-A processor (an adaptation of the Arm Neoverse N1 processor). The boards are being distributed to major stakeholders such as Google and Microsoft as well as to interested partners across the industry and academia via the UKRI Digital Security by Design (DSbD) initiative. These partners represent a broad ecosystem of specialists to test the hypothesis of Morello and discover if this is a viable security architecture that could benefit both businesses and consumers in the future.
Richard Grisenthwaite, SVP, chief architect and fellow at Arm commented, “For any research project, this phase is both exciting and critical. There has never been a silicon implementation of this hardware capability technology in a high-performance CPU. The Morello prototype board opens up many new opportunities for researchers to evaluate and test security benefits in real-world scenarios. Arm is working with established partners and software ecosystems to use these prototype systems to develop enhanced security solutions that we hope will ultimately impact a vast range of applications.”
Ben Laurie, principal engineer, security, Google Research, said, “Computers are incredibly useful but the price we pay for that utility is more and more exposure to security and privacy issues. CHERI can allow for better, more cost-effective protection without reduced performance and Arm’s Morello prototype can help mitigate security issues showing the way to a better future for all computer users – in other words, pretty much everyone.”
For Microsoft, David Weston, director of enterprise and OS security, added, “Memory safety exploits are one of the longest standing and most challenging problems in all of software security. Using core silicon architecture to eliminate whole classes of security issues with minimal performance impact has the opportunity to be transformative with massive positive impact. I am incredibly excited about the Morello project.”
The DSbD initiative has allowed Arm to invest significant resources into developing this technology. Grisenthwaite concluded, “If we are to rethink a foundational architecture that has been around for years, we must work with the wider ecosystem as collaboration continues to be a key driving force for security. The next two years will see the ecosystem testing, writing code and collaboratively providing critical feedback to determine whether any features will be used in future versions of the Arm architecture. If the Morello prototype architecture performs as expected, it will be fundamental in future processor designs, protecting businesses, individuals and the devices of tomorrow.”