|
|
|
|
|
|
by Gankra
1532 days ago
|
|
|
My understanding is that CHERI just tells you to eat your vegetables and properly maintains a chain of custody from like bootloader to kernel to subsystems to drivers, so that anyone messing with MMIO has to do it the Right Way and get permission from whatever's up the chain of command from them to access that range of memory, even if they're also part of the kernel. This is super vague half-remembered conversations though. |
|
|