CHERIoT, aikin Microsoft don inganta tsaro a cikin C

Darkcrizt

4 minti

CHERIOT

CHERIoT, zaɓi na MS don tsaro don tsarin da aka haɗa

Kwanan nan ne labari ya bazu cewa Microsoft ya buɗe abubuwan da suka shafi aikin CHERIoT (Ƙarfafa Hardware na iyawa zuwa RISC-V don Intanet na Abubuwa), da nufin toshe batutuwan tsaro a C da C++ code data kasance. CHERIoT yana ba da mafita don kare tushen lambar C/C++ da ake da su ba tare da sake canza su ba.

Ana aiwatar da kariyar ta amfani da gyare-gyaren mai tarawa wanda ke amfani da tsawaita tsari na musamman na umarnin sarrafawa (ISA) wanda mai sarrafawa ya bayar kuma yana lura da samun damar ƙwaƙwalwar ajiya a matakin hardware, yana tabbatar da daidaiton aiki tare da masu nuni, kuma yana ba da keɓewar toshe lambar.

Game da CHERIOT

Wannan aikin an halicce shi tare da fahimtar cewa ƙananan yanayin yanayin C ya zama tushen kurakuran ƙwaƙwalwa, wanda ke haifar da matsaloli kamar buffer overflow, samun dama ga ƙwaƙwalwar ajiya da aka riga an 'yanta, ɓata ma'ana ko 'yanta sau biyu.

Ayyuka sun nuna cewa har ma manyan kamfanoni irin su Google da Microsoft, waɗanda ke da tsauraran manufofin bita na canji da kuma amfani da hanyoyin ci gaban zamani da kayan aikin bincike na tsaye, ba za su iya ba da garantin yin aiki ba tare da kuskure ba tare da ƙwaƙwalwa (misali, kusan kashi 70% na lahani a cikin Microsoft da Google). rashin tsaro sarrafa ƙwaƙwalwar ajiya ne ke haifar da shi).

Matsalar Ana iya magance ta ta amfani da yarukan shirye-shirye waɗanda ke ba da garantin aiki mai aminci.ko tare da ƙwaƙwalwar ajiya ko haɗin haɗin gwiwa tare da ƙarin sarrafawa, misali, ta amfani da MiraclePtr (raw_ptr) maimakon masifu na gama-gari, waɗanda ke yin ƙarin sarrafawa don isa ga wuraren ƙwaƙƙwarar ƙwalƙwalwa.

Pero irin waɗannan hanyoyin sun fi dacewa da sabon lambar y yana da matukar wahala a sake yin ayyukan C/C++ na yanzu, musamman ma idan an yi nufin su yi aiki a cikin mahalli masu ƙarancin albarkatu, kamar tsarin da aka haɗa da na'urorin IoT.

da Abubuwan kayan aikin CHERIoT an tsara su azaman microcontroller dangane da tsarin gine-ginen RISC-V, aiwatar da amintaccen tsarin gine-ginen CHERI (Ƙarfin Hardware na RISC-V), yana ba da samfurin samun damar ƙwaƙwalwar ajiya mai sarrafawa.

Bisa wa'azin kafa gine (ISA) An ba da shi a cikin CHERIoT, an gina samfurin shirye-shirye wanda ke ba da garantin tsaro na aiki tare da ƙwaƙwalwar ajiya a matakin abubuwan mutum ɗaya, yana ba da kariya daga samun damar zuwa ƙwaƙwalwar ajiya da aka rigaya, da aiwatar da tsarin keɓewa mara nauyi don samun damar ƙwaƙwalwar ajiya.

Wannan ƙirar kariyar shirye-shirye tana madubi kai tsaye samfurin harshen C/C++, yana ba da damar amfani da shi don kare aikace-aikacen da ake da su (sake haɗawa da aiki akan kayan aikin ISA CHERIoT masu dacewa kawai da ake buƙata) .

Maganin da aka tsara yana ba da damar toshe kurakurai waɗanda ke haifar da iyakokin abu a cikin ƙwaƙwalwar ajiya, baya ƙyale musanyawa mai nuni (duk masu nuni dole ne a samar da su daga masu nunin da ke akwai), yana sa ido kan samun damar ƙwaƙwalwar ajiya bayan yantar da su (duk wani damar ƙwaƙwalwar ajiya ta hanyar maƙasudi mara kyau ko maƙasudi mai nunin abin da aka 'yanta yana ɗaga banbance).

Misali, yin amfani da CHERIoT yana ba da damar, ba tare da yin kowane canje-canje na lamba ba, don aiwatar da duba iyakoki ta atomatik, bin diddigin rayuwar wuraren ƙwaƙwalwar ajiya, da tabbatar da amincin masu nuni a cikin abubuwan da ke aiwatar da bayanan da ba a dogara ba.

Wannan aikin ya haɗa da ƙayyadaddun ƙayyadaddun tsarin tsarin koyarwa na CHERIoT tsawo, aiwatar da tunani na ISA CHERIoT-mai jituwa 32-bit RISC-V CPU, da ingantaccen kayan aikin LLVM.

Finalmente Idan kuna da sha'awar sanin game da shi, ya kamata ku sani cewa zane-zane na samfur Bayanin toshe CPU da hardware a cikin Verilog ana rarraba su ƙarƙashin lasisin Apache 2.0. Ana amfani da ainihin Ibex na aikin lowRISC azaman tushen tushen CPU kuma an bayyana samfurin lambar CHERIoT ISA a cikin yaren Sail kuma an rarraba a ƙarƙashin lasisin BSD.

Bugu da ƙari, an gabatar da wani samfuri na CHERIoT RTOS tsarin aiki na ainihi, wanda ke ba da ikon keɓe ɗakunan (ɗaki) har ma da tsarin da aka saka tare da 256 MB na RAM.

Lambar Farashin CHERIOT RTOS An rubuta shi cikin C++ kuma ana rarraba shi ƙarƙashin lasisin MIT. A cikin nau'i na sassa, an tsara ainihin abubuwan da ke cikin tsarin aiki, kamar bootloader, mai tsarawa, da tsarin rarraba ƙwaƙwalwar ajiya.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.