by pjmlp 810 days ago
While it might have inspired innovation, there is SPARC ADI that predates it, with Apple's PAC, Microsoft's Pluton, and ARM's MTE already being deployed on some systems.

Still looking forward to CHERI ideas going mainstream though.

Only Intel and AMD keep messing up their attempts at hardware memory tagging, for several decades now, starting with iAPX 432.

1 comment

At this point, I think that Intel and AMD have designed processors that are hostile toward security and process isolation. The amount of work required by an OS designer to work around the default insecure and leaky behavior of these processors is staggering. Worse, there is always the temptation to optimize performance by turning off these mitigations.

Perhaps that's why I enjoy working on microcontrollers and firmware. Yeah, there are potential CPU attacks on these, but it's much easier to manage mitigations, and these mitigations don't come with steep performance penalty trade-offs.