Virtual Event
April 14
Learn More and Register to Attend
Wednesday, April 14 • 8:55am - 9:15am
Using PMP, ePMP and Rust to Protect Embedded Kernels, Even from Themselves - Alistair Francis, Western Digital

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Desktop computer systems have used the Memory Management Unit (MMU) to enforce W^X (write xor execute) to help mitigate data execution attacks. Sometimes refereed to as Data Execution Prevention (DEP), W^X is a useful mechanism to help lock down systems. Although embedded systems don't have an MMU, PMP and ePMP can be used on RISC-V to enforce W^X. This talk will discuss the work done with Tock to utilise the RISC-V PMP and ePMP to both enforce W^X on kernel memory and to also isolate untrusted applications from the kernel. Tock is an embedded Operating System (OS) written in Rust, which is a memory safe language. Tock is the OS being used for the open source OpenTitan RoT project. This talk will go into details of what protections this provides us and importantly what it doesn't protect against.

avatar for Alistair Francis

Alistair Francis

Technologist, WDC
Alistair Francis currently works at Western Digital as part of the RISC-V software research team. He is the QEMU RISC-V maintainer; developing, reviewing and merging QEMU patches. He also has a focus on security, specifically secure operating systems related to Root of Trust (RoT... Read More →

Wednesday April 14, 2021 8:55am - 9:15am PDT