Secure Calling Conventions for CHERI Capability Machines in Practice - Work in Progress

Explore secure calling conventions for CHERI capability machines in this 24-minute conference talk presented at PriSC'24. Delve into the challenges of enforcing temporal memory safety, well-bracketed control flow, and fine-grained stack frame encapsulation on CHERI-based systems. Learn about a proposed design using a reserve stack to reconcile fine-grained stack boundaries with capability compression. Examine the LLVM implementation of selected secure calling conventions for CHERI-RISC-V and evaluate their impact on performance, memory usage, code size, and compatibility. Gain insights into how different security measures contribute to the calling conventions' performance overhead in this work-in-progress presentation by researchers Elias Storme, Sander Huyghebaert, Steven Keuchel, Thomas Van Strydonck, and Dominique Devriese.