top of page
Abstract Shape

CHERI CVA6

CHERI CVA6: An open-source CHERI application core

CHERI is revolutionising CPU design by building security directly into hardware. Hardware capabilities enforce strong spatial and temporal memory safety, deterministically mitigating roughly 70% of software vulnerabilities through software recompilation. CHERI enables scalable software compartmentalisation to minimise privilege and contain compromise. CHERI CVA6 is an open-source RISC-V application core that runs CheriBSD, CHERI Linux, and CHERI seL4 stacks.

Zero Day Labs’ illustration of their modifications to add CHERI to CVA6, which form the basis for our implementation. - Bruno Sá, Donato Ferraro, José Martins, Everton Matos, Andrea Bastoni, Sandro Pinto "CHERI RISC-V: A Case Study on the CVA6" in RISC-V Summit Europe (June 2024)

image.png

Why now?

RISC-V International aims to ratify the Zcheri extension in late 2025: CHERI CVA6 will be the open-source application core reference design. CHERI CVA6 takes lessons from the CHERI research ecosystem – Arm’s Morello, Cambridge’s CHERI Toooba, and Microsoft’s CHERIoT – for a mature, future-proof implementation.

 

The path to CHERI CVA6

The CHERI CVA6 project will remove the biggest barrier to adoption by delivering a high-quality, permissively licensed SystemVerilog reference design, ready for commercial use. CVA6, from the Open Hardware Foundation, is a robust superscalar RISC-V core, with extensive community engagement, multiple tape-outs, and application OS support.

 

Based on an initial prototype CHERI CVA6 implementation by Zero Day Labs (see above), we are modifying the core by:

  • Supporting the standard features and instruction encodings, providing a reference implementation for the pending Zcheri standard;

  • Using formal and directed-random tools to improve assurance;

  • Optimising to hone down towards essential area and performance overheads;

  • Improving the memory subsystem support for tagged memory;

  • Ensuring support for a range of pure capability operating systems.

 

When can I use it?

By Q4 2025, a standards-compliant CHERI-enabled CVA6 design will be available, supporting CHERI-enabled OSes on Genesys2 FPGA boards and tested against the Sail golden model. This will lay the groundwork for industry-standard verification and further PPA optimisation.

 

How can I get involved?

Looking to integrate memory-safe processing into your SoC? Whether you want a ready-to-go CPU, reusable components, or a custom solution, Capabilities Limited is ready to help.

 

Repositories/Helpful links.

The RISC-V CHERI specification repository: https://github.com/riscv/riscv-cheri/

Our work in progress CVA6 fork, converging towards supporting the proposed RISC-V standard: https://github.com/Capabilities-Limited/cheri-cva6/tree/zcheri

 

CHERI Blossoms Talk

Talk page, including links to slide and video: https://cheri-alliance.org/events/speakers/jonathan-woodruff/

website.png

A pipeline diagram of CVA6, showing the parts of the pipeline extended for CHERI highlighted in red.

In collaboration with: Zero-Day Labs

 

Zero-Day Labs added initial support of the CHERI instructions (Cambridge ISAv9) to the CVA6 core. They have also added support for the hypervisor extensions (now upstream) and are working to support the Bao hypervisor.


From their starting-point version of the CHERI CVA6 core, we are helping to refine the legacy ISA version in the Zero-Day Labs repository: https://github.com/zero-day-labs/cheri-cva6.

​

This project is in collaboration with other Open Hardware Foundation members.

openhw.png
cherilogo.png
bottom of page