Post Syndicated from corbet original https://lwn.net/Articles/940152/
Google’s Project Zero has spent some time studying the Arm memory tagging
extension (MTE), support for which was
merged into the 5.10 kernel, and posted
the results:
Despite its limitations, MTE is still by far the most promising
path forward for improving C/C++ software security in 2023. The
ability of MTE to detect memory corruption exploitation at the
first dangerous access provides a significant improvement in
diagnostic and potential security effectiveness.
There is a
separate section on weaknesses in the current kernel implementation of
MTE support.