Why did you write a new RTOS for CHERIoT?


I’m often asked why we decided to write a new RTOS for CHERIoT instead of using something that already existed, such as ThreadX, FreeRTOS, or Zephyr. The short answer is that CHERIoT is a hardware-software co-design project and retrofitting ground-up co-design is hard. This post is for people who want the long answer.

I’ll talk later about how we build a software capability model to authorise operations at higher levels of abstraction than ‘can I read or write this object’ but the principle of least privilege permeates the design. The main privilege that this holds is the ability to access the register that contains a capability to the register-save area for context switching threads and the trusted stack used to enforce call-return discipline on cross-compartment calls. CHERIoT RTOS is co-designed with its underlying architecture and its C/C++ toolchain to efficiently provide programmers with affordances that are difficult, expensive, or even impossible to achieve in embedded computing platforms that run software stacks that had to work around the limitations of existing hardware.
