This may take me a couple of goes to fully digest: https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-927.pdf
@stsquad WTF is a Deep Surface Design Choice? [Deep Versus Surface Design Choices] Talk about contradictory. How can you have deep and surface all in the same sentence? And these people are professors? LOL
@dick_turpin you've gotten farther than me already! As far as I can tell, the general thrust is that compartmentalisation (user-mode, kernel-mode, secure-mode) is too coarse, and things like pointer verification help limit vulnerabilities from crossing domain boundaries, so the CHERI design is to tag everything with a capability which the hardware will check on every use (rather than with explicit instructions).
@stsquad Like I understood that. Sheesh. 🙂
https://archive.fosdem.org/2015/schedule/event/the_cheri_cpu/ may be a more gentle introduction.