Post Syndicated from corbet original https://lwn.net/Articles/950123/

The Google Project Zero blog celebrates
the launch of the Pixel 8 handset, the first to make use of Arm’s
Memory Tagging Extension (MTE). Linux has supported MTE since the 5.10 release in 2020,
but that support has only now shown up (in experimental form) in an
available handset.

I think this is a huge improvement for the general security of the
device – many zero-click attack surfaces involve large amounts of
unsafe C/C++ code, whether that’s WebRTC for calling, or one of the
many media or image file parsing libraries. MTE is not a silver
bullet for memory safety – but the release of the first production
device with the ability to run almost all user-mode applications
with synchronous-MTE is a huge step forward, and something that’s
worth celebrating!

The article includes detailed instructions for how to turn the MTE feature
on.