libprocstat(3) library and procstat(1) command: extended to inspect sandbox statistics.
libcheri(3): a sandbox API, and a set of system-class objects that can be delegated to sandboxes. Currently (1), this consists of a singleton system object that provides the ability to print to stdout, and a file-descriptor class that allows delegation of individual kernel-provided file descriptors to sandboxes.
libc_cheri(3): core C-language APIs and services within sandboxes. This library is able to use the system and file-descriptor classes to provide access to APIs such as printf().
cheritest: test cases for capability-related functions including sandboxing; cheritest relies on cheritest-helper.bin to provide sandboxed code.
cheri_tcpdump: sandboxed packet sniffing and parsing; cheri_tcpdump relies on tcpdump-helper to provide sandboxed code.
libz-cheri(3): compression routines with fine-grained memory protection.
CheriBSD userspace source directories:
| Filename | Description |
|---|---|
| bin/cheritest/ | Command-line utility exercising CHERI and CheriBSD features, including sandboxing CTSRD-project demo code |
| ctsrd/ | CTSRD-project demo code |
| lib/libc_cheri/ | In-sandbox C library/runtime |
| lib/libcheri | Library implementing the CHERI sandbox API; the CHERI system class implementation |
| libexec/cheritest-helper/ | Sandboxed components for cheritest |
| libexec/tcpdump-helper/ | Sandboxed components for cheri_tcpdump, initialization and context management |
| lib/libz-cheri | Version of libz compiled with CHERI memory protection |
| usr.sbin/tcpdump/cheri_tcpdump | Version of tcpdump able to use CHERI sandboxing |
| lib/libprocstat/ | Extensions to this library allow procstat(1) to monitor libcheri sandboxes |
| usr.bin/procstat/ | procstat(1) command extended to monitor libcheri sandboxes |
If you could revise the fundamental principles of computer system design to improve security... what would you change?