Intel and AMD standardise ChkTag to bring Memory Safety to x86
27 comments
·October 14, 2025monocasa
sparkie
Sparse on details.
Presumably will be based on the existing Linear Address Masking/Upper Address Ignore specs, which are equivalent, and will be similar to CHERI.
If so it needs to be opt-in or at least opt-out per process, because many language runtimes use these pointers bits to optimize dynamic types, and would suffer a big performance hit if they were unable to use them.
wbl
Dynamic types have classically used the lower bits freed by alignment constraints. If I know a cons cell is 16 bytes then I can use the low 4 bits of an address to store enough type info to disambiguate.
monocasa
Depends on the architecture. Top bit usage lets you do what the hardware thinks if as an 'is negative' check for very cheap on a lot of archs for instance.
themafia
Is it a guarantee that a 16 byte object would be 16 byte aligned?
ComputerGuru
No. It depends on the object.
monocasa
Not a whole lot of language runtimes (if any) really depend on upper address ignore.
AFAIK, AMD only added it in Zen4.
IshKebab
I highly doubt this is anything like CHERI. More likely it's their version of ARM MTE.
zdw
Now they just need to agree to implement ECC everywhere instead of using it as a product differentiator, so we can reduce the amount of random issues caused by memory and bus errors.
georgeburdell
I wonder what happened that Apple/ARM has implemented something similar at nearly the same time. https://security.apple.com/blog/memory-integrity-enforcement...
fweimer
Arm MTE is much older. Android already supported it with a limited number of devices: https://developer.android.com/ndk/guides/arm-mte
There is server hardware out there now that in theory can support MTE, but I don't know if there's commercial support for it. MTE needs to be set up by the firmware, it's not purely an OS/kernel matter.
preisschild
GrapheneOS (hardened Android distribution) also has it enabled by default for the base OS and user-installed Apps that support it (you can also force it for all apps) on 8th Gen Google Pixels and newer
Interesting thread:
astrange
Intel already tried it once in 2019, failed and had to remove it.
jpecar
Afaik Intel's first foray into this territory was their i960mx which ended up in F-22.
monocasa
Even before then the iAPX432 had object capability security wrt its memory.
monocasa
I remember playing with it and finding out it was slower than just manual bounds checks in front of every memory access.
noir_lord
Don't think it was any one thing so much as it makes a whole bunch of attacks more difficult - security is a perpetual arms race after all.
pizlonator
It’s just probabilistic memory safety, at best
Still cool, but not a replacement for memory safety language implementations.
muricula
Is there a whitepaper or ISA manual change describing the feature?
cogman10
Garbage article.
Like, cool, you guys are starting to talk about a new instruction set that will make C safe somehow. Yet you failed provide an ounce of detail for how you'll accomplish that.
This might as well been a "And we'll make our CPUs 10x faster and they'll use 10x less power!". Or "Future CPUs will have a 10ghz clock speed!"
Again, who is this article for? The government maybe to assure them that x86 will take cyber security seriously?
xattt
> Future CPUs will have a 10ghz clock speed!
Glad to see Tejas finally making it to see the light of day! Can’t wait to pair it with my Larrabee GPU in my BTX case.
cogman10
I'm happy another old hardware nerd got that dated reference :D.
I was convinced back in the day that Larrabee would change the world. It seemed like such an amazing technology especially since multi-core CPUs were just starting to take off in consumer hardware.
superkuh
I hope there are OS level (ie kernel build options) to turn this kind of thing off or just ignore the 'tags'. I know it's important for corporate use cases and monetary transactions and all that, but on my personal computer I use for fun I want to be able to peek and poke.
> This is a general data security concern, including for AI data, which governments have urged companies to defend against.
Had to find some way to use "AI" in a press release, less the stock gods get angry and vengeful.