CheriBSD 25.03 Release Notes
Overview
Welcome to the Spring 2025 (25.03) release of the CheriBSD operating system. As well as a general update of the baseline FreeBSD OS (corresponding to CURRENT as of October 2024) from which CheriBSD is derived, we have introduced several new research components which will be of interest to the CHERI and CheriBSD community:
- Library Compartmentalization (https://man.cheribsd.org/cgi-bin/man.cgi/release-25.03/c18n) has matured further and we are generally able to run with it enabled system wide. It can be enabled system wide by setting the security.cheri.lib_based_c18n_default sysctl to 1. A new procstat command, compartments, allows instantiated compartments to be displayed. While this implementation is now capable of running the full desktop, it is neither complete nor intended to be secure.
- Sub-library Compartmentalization has been added. When compiled with the llvm-morello-c18n compiler package and the WITH_COMPARTMENTALIZTION_POLICY make option set, libc will be compiled with a series of compartments. Of particular interest, malloc and the malloc revocation wrapper (mrs) are placed in their own compartments, protecting their powerful capabilities to the entire heap from the rest of libc. Future releases will expand the use of such engineered compartments.
- To strengthen library compartmentalization, we have altered the function pointer ABI, introducing new relocations to allow function pointers to be wrapped by trampolines. This wrapping is currently disabled by default to ease source upgrades. It can be enabled system wide by setting the security.cheri.lib_based_c18n_wrap_fptr sysctl to 1. It will be enabled by default in the next release.
- When library compartmentalization is enabled, system calls can only be invoked from a new libsys shared library separate from libc. This greatly limits the ability of arbitrary code to make system calls.
- User level heap temporal safety has seen a number of performance enhancements and stability improvements.
- The 9pfs filesystem is now supported over VirtIO.
- We have improved and lightly tested the driver for the TP-Link Archer T2U Nano USB WiFi adapter (WiFi only, not the similar T2UB WiFi+Bluetooth model, nor any similarly named products).
As with previous releases, the default CheriBSD kernel on Morello ships with debugging features enabled, which should be disabled by booting a non-debug kernel before any performance benchmarking is performed. Additionally, before publishing benchmark results on Morello, we strongly encourage reading the report "Early performance results from the prototype Morello microarchitecture".
Known Issues
- ZFS support is lightly tested. The on-disk format is believed to be stable, but it is possible that future releases will be unable to read pools created by this release, particularly pools created on pure-capability kernels.
- Some virtual memory subsystem races leading to panics are present in the release version that were not resolved at release time. They are more likely to trigger under high load and with library-based compartmentalization enabled globally.
Using Morello as a Desktop
New installations of the latest CheriBSD release have an option to enable the desktop packages during the install process.
If you have already installed the latest version of CheriBSD but did not install the desktop packages you can add them later; log in as root or use sudo to add the following packages to the system:
pkg64c install cheri-desktop
(provides DRM, Wayland and the general GUI system)
pkg64 install cheri-desktop-hybrid-extras
(provides Firefox and other applications)
Make sure that your user ID is in the video group; if not, use:
pw groupmod video -m username
Add the following lines to /boot/loader.conf:
dtb_load="YES"
dtb_type="dtb"
dtb_name="/boot/dtb/arm/morello-soc.dtb"
Ensure that a USB keyboard and mouse, as well as an HDMI monitor capable of handling full-HD input (all modern monitors), are connected to the desktop.
Reboot your system and you will be presented with a graphical login screen.
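The loader.conf lines above and the c18n sysctls from the overview are both key=value settings that are easy to duplicate when a setup is re-run; the script below is an added example (not part of CheriBSD or these release notes) that sets each key exactly once, replacing an existing assignment where present. It assumes the sysctls are persisted through /etc/sysctl.conf in the usual FreeBSD way, and only touches the real files when CHERIBSD_SETUP_APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not CheriBSD code: idempotently manage key=value assignments in
# FreeBSD-style config files (loader.conf, sysctl.conf). The last assignment of a
# key wins in those files, so silently appending duplicates hides what is in effect.
set -eu

# set_conf_var FILE KEY VALUE: replace an existing "KEY=..." line or append one.
set_conf_var() {
    file=$1 key=$2 value=$3
    [ -f "$file" ] || : > "$file"
    if grep -q "^${key}=" "$file"; then
        # Rewrite via a temp file: "sed -i" syntax differs between BSD and GNU sed.
        tmp=$(mktemp)
        sed "s|^${key}=.*|${key}=${value}|" "$file" > "$tmp"
        cat "$tmp" > "$file"
        rm -f "$tmp"
    else
        printf '%s=%s\n' "$key" "$value" >> "$file"
    fi
}

# get_conf_var FILE KEY: print the value of the last assignment of KEY.
get_conf_var() {
    sed -n "s|^${2}=||p" "$1" | tail -n 1
}

# count_conf_var FILE KEY: number of assignments of KEY (1 after set_conf_var).
count_conf_var() {
    grep -c "^${2}=" "$1" || true
}

# Apply the release-notes settings only on explicit request, so the functions can
# be sourced and exercised on scratch files without touching the running system.
if [ "${CHERIBSD_SETUP_APPLY:-0}" = "1" ]; then
    LOADER_CONF=${LOADER_CONF:-/boot/loader.conf}
    SYSCTL_CONF=${SYSCTL_CONF:-/etc/sysctl.conf}
    # Morello desktop: device tree settings listed in the release notes.
    set_conf_var "$LOADER_CONF" dtb_load '"YES"'
    set_conf_var "$LOADER_CONF" dtb_type '"dtb"'
    set_conf_var "$LOADER_CONF" dtb_name '"/boot/dtb/arm/morello-soc.dtb"'
    # Library compartmentalization sysctls; persisting them in /etc/sysctl.conf
    # is an assumption of this example, not a statement from the release notes.
    set_conf_var "$SYSCTL_CONF" security.cheri.lib_based_c18n_default 1
    set_conf_var "$SYSCTL_CONF" security.cheri.lib_based_c18n_wrap_fptr 1
fi
```

Run it as root with CHERIBSD_SETUP_APPLY=1 to apply; without that variable it only defines the functions, which is how the checks below exercise it on a scratch file.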