Boosting concurrent performance of conservative garbage collectors on CHERI capability systems

Supervisor: Dr Dejice Jacob

Partner: The CHERI Alliance 

School: Computing Science

Description:

Memory management frameworks are a foundational building block for software applications and frameworks. Ensuring that applications built on these core software libraries are robust and secure is vital to enabling the vision of a digital economy that stakeholders can trust. However, currently anywhere between 70% and 90% of publicly declared security vulnerabilities are memory safety vulnerabilities. These vulnerabilities affect well-known software such as operating systems, browsers and graphics applications.

CHERI is a novel microprocessor architecture in which strong memory safety is enforced by the CPU hardware design. Unlike conventional software techniques, an application built for CHERI receives implicit safety guarantees about memory access that traditional CPUs do not provide. UKRI's Digital Security by Design challenge resulted in the design and development of the Arm-based CHERI-Morello CPU to further research into secure-by-design systems software and improve security across the whole software stack.

The Boehm-Demers-Weiser Garbage Collector (BDWGC) is one of the most well-known open-source automatic memory management frameworks for C/C++ applications.

BDWGC is used as a core building block for many mainstream open-source applications. Automatic memory management improves programmability by relieving software developers of the burden of managing memory manually and of weaving that management into the software development cycle. The EPSRC-funded CapableVMs project (EP/V000349/1)[1] developed CHERI-BDWGC[2] to improve the memory safety properties of BDWGC with the basic feature set. These changes resulted in a large-scale redesign of the upstream open-source project to better accommodate novel architectures such as CHERI. In addition to the security guarantees, CHERI-BDWGC is able to leverage the metadata built into CHERI pointers (tags) to improve the precision of the GC, thus improving performance: a conservative collector must otherwise treat every word whose value falls inside the heap as a possible pointer, whereas a word without a valid capability tag cannot be a reference and need not be followed.
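How the capability tag lets a conservative mark phase ignore integers that merely look like heap addresses, as an added illustration that is not CHERI-BDWGC code: the heap contents, the root and the tag bits are constructed, and because this runs on ordinary hardware the tag is modelled as a side array rather than read from the capability itself.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed model of a tiny heap of 8-byte words starting at HEAP_BASE. The tag[] array
 * stands in for the CHERI capability tag that real hardware keeps out of band: it is set
 * only for words that hold a genuine capability. Illustrative code, not CHERI-BDWGC. */
#define HEAP_WORDS 8
#define HEAP_BASE  0x10000000ULL
typedef struct {
    uint64_t value[HEAP_WORDS];
    bool     tag[HEAP_WORDS];
} heap_t;

static bool in_heap_range(uint64_t v) {
    return v >= HEAP_BASE && v < HEAP_BASE + HEAP_WORDS * 8 && v % 8 == 0;
}

/* Mark every word reachable from `root`. A classic conservative scan follows any word whose
 * value lies inside the heap; the tag-aware scan also requires the tag bit. Returns marked count. */
static size_t mark_from(const heap_t *h, size_t root, bool use_tags, bool marked[HEAP_WORDS]) {
    size_t stack[HEAP_WORDS], sp = 0, count = 0;
    for (size_t i = 0; i < HEAP_WORDS; i++) marked[i] = false;
    stack[sp++] = root;
    while (sp > 0) {
        size_t i = stack[--sp];
        if (marked[i]) continue;
        marked[i] = true; count++;
        if (!in_heap_range(h->value[i])) continue;
        if (use_tags && !h->tag[i]) continue;   /* untagged: cannot be a capability */
        stack[sp++] = (size_t)((h->value[i] - HEAP_BASE) / 8);
    }
    return count;
}

/* Constructed sample: word 0 (the root) holds a capability to word 2; word 2 holds the plain
 * integer 0x10000020, which equals the address of word 4; word 4 holds a capability to word 6. */
static void build_sample_heap(heap_t *h) {
    *h = (heap_t){0};
    h->value[0] = HEAP_BASE + 2 * 8; h->tag[0] = true;
    h->value[2] = HEAP_BASE + 4 * 8; h->tag[2] = false;
    h->value[4] = HEAP_BASE + 6 * 8; h->tag[4] = true;
}

/* Number of words a collection rooted at word 0 would retain under each scanning policy. */
size_t retained_words(bool use_tags) {
    heap_t h; bool marked[HEAP_WORDS];
    build_sample_heap(&h);
    return mark_from(&h, 0, use_tags, marked);
}
```

The conservative scan retains words 0, 2, 4 and 6 because the integer in word 2 is indistinguishable from a pointer; the tag-aware scan retains only words 0 and 2, so words 4 and 6 can be reclaimed.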


This research project proposal intends to improve and add memory safety properties for BDWGC using CHERI memory safety, together with concurrency and performance-enhancing options. The technical aims of this project will be twofold:

  1. Enable CHERI protections and support for multi-threading in CHERI-BDWGC to improve concurrent performance. 
  2. Add “Incremental” garbage collection to BDWGC with CHERI safety properties to improve latency. 


The intended outcomes of this project are to:

  1. Improve the performance of CHERI-BDWGC by leveraging CHERI features to improve precision.
  2. Upstream the support added for CHERI architectures to a well-known and widely used open-source system library.
  3. Submit a research paper resulting from the work done on this project to an ACM memory management / systems software conference.
  4. Enable the porting of widely used desktop applications that depend on BDWGC to the CHERI desktop ecosystem, and help the adoption of secure-by-design software.