by nanolith 812 days ago
I've been following CHERI for years. I'm a fan of runtime mitigations in hardware, better process isolation, and capability models. This couples nicely with an obsession of mine, which is the integration of formal methods into system and firmware development.

That being said, CHERI has a long way to go before it makes it to any production system. ARM Morello has certainly breathed new life into it, as has its current push toward a RISC-V ISA. Going from R&D to synthesis on production hardware is a significant leap.

It has inspired innovation in hardware much as seL4 and similar projects have inspired innovation in the formal methods field. For that, I'm grateful.

1 comment

While it might have inspired innovation, there is SPARC ADI that predates it, with Apple's PAC, Microsoft's Pluton, and ARM's MTE already being deployed on some systems.

Still looking forward to CHERI ideas going mainstream though.

Only Intel and AMD keep messing up their attempts at hardware memory tagging, for several decades now, starting with iAPX 432.

At this point, I think that Intel and AMD have designed processors that are hostile toward security and process isolation. The amount of work required by an OS designer to work around the default insecure and leaky behavior of these processors is staggering. Worse, there is always the temptation to optimize performance by turning off these mitigations.

Perhaps that's why I enjoy working on microcontrollers and firmware. Yeah, there are potential CPU attacks on these, but it's much easier to manage mitigations, and these mitigations don't come with steep performance penalty trade-offs.