Serverless computing offers fine-grained resource provisioning, seamless scalability, and simplified operations by shifting server management to cloud providers. However, existing platforms, which often use lightweight VMs, secure containers, or Software Fault Isolation, struggle to balance isolation, efficiency, and portability. The CHERI (Capability Hardware Enhanced RISC Instructions) architecture addresses this by adding capability-based memory protection, yet relying on CHERI within a serverless context requires careful memory expansion to maintain isolation guarantees and maximum resource utilization. We present CheriMore, the first serverless vertical memory expansion scheme under CHERI. A memory anchor in the LibOS triggers memory allocation, isolation domain reconstruction, and memory registration whenever capacity runs low, enabling finer-grained control while remaining transparent to applications. This vertical expansion can be combined with horizontal scaling to reduce startup overhead and minimize resource waste. We also optimize runtime startup via direct mapping and prefetching of LibOS ELF files, and enhance cloud-native observability by integrating a Prometheus Exporter to expose key memory metrics. Our evaluation shows the vertical expansion mechanism adds only 10 ms of overhead, while direct ELF mapping and prefetching reduce initialization from 9.2 s to 1.8 s, shrinking the main bottleneck by 96.33%. On real CHERI hardware, CheriMore reduces multi-core boot time by 95.9% compared to the baseline design when using four cores.
Wang et al. (Mon,) studied this question.