[$] Supporting CHERI capabilities in GCC and glibc

Post Syndicated from original https://lwn.net/Articles/909265/

The CHERI architecture is the product of a research program to extend common
CPU architectures in a way that prevents many types of memory-related bugs (and
vulnerabilities). At the 2022 GNU Tools Cauldron, Alex Coplan and Szabolcs Nagy
described the work that has been done to bring GCC and the GNU C Library (glibc)
to this architecture. CHERI is a fundamentally different approach to how memory
is accessed, and supporting it properly is anything but a trivial task.