CheriBSD

CheriBSD

CheriBSD is a Capability Enabled, Unix-like Operating System that extends FreeBSD to take advantage of Capability Hardware on Arm’s Morello and CHERI-RISC-V platforms. CheriBSD implements memory protection and software compartmentalization features, and is developed by SRI International and the University of Cambridge.

CheriBSD with desktop environment running on Morello
CheriBSD 24.05
Get Started on Morello
Download Installer
Current Version
24.05
Old Versions
23.11 22.12 22.05p1 22.05
View Release Notes
Current Version
24.05
Old Versions
23.11 22.12 22.05p1 22.05
Talk to Us on Slack
Learn About CHERI

Features

Spatial and temporal memory safety for userspace and (optionally) spatial memory safety for the kernel
Userspace and kernel debugger support for memory-safe and memory-unsafe code
Pre-built USB stick image with interactive guided installer
Memory-safe KDE-based graphical desktop stack (Morello-only)
Compatible with existing memory-unsafe 64-bit applications
10,000+ pre-built memory-safe packages and 26,000+ pre-built memory-unsafe packages
CHERI-enabled "bhyve" hypervisor for capability-aware guest OSes (Morello-only)
Experimental library-based compartmentalisation (co-processes and kernel modules in development)
Runs on Morello boards, Morello FVP, QEMU and FPGA