Two Paths to Memory Safety: CHERI and OMA
Source: ednutting.com · Topics: Memory Safety, Hardware Security, Computer Architecture
The article compares two approaches to memory safety, CHERI and OMA, sparking a discussion on the effectiveness of hardware-based solutions and their potential impact on software development.
Snapshot generated from the HN discussion
Story posted Oct 13, 2025 at 6:05 AM EDT; first comment 1h later. Activity peaked at 19 comments in the first six hours; latest activity Oct 15, 2025 at 9:16 AM EDT. Based on 42 loaded comments.
Related discussions:
- CHERI with a Linux on Top https://news.ycombinator.com/item?id=45487629
- Why not object capability languages? https://news.ycombinator.com/item?id=43956095
- Ask HN: Why isn't capability-based security more common? https://news.ycombinator.com/item?id=45261574
https://docs.oracle.com/en/operating-systems/solaris/oracle-...
Although I do concede, most folks aren't keen on picking up anything related to Oracle or Solaris nowadays.
What's interesting is that this approach (software-defined 'random' numbers associating memory regions with valid pointers) provides only probabilistic memory safety: a malicious actor may find a way to spoof or guess the tag needed to access a particular piece of memory. Given that Arm MTE has been breached within the last year, it's hard to argue it is a good enough security guarantee. EMTE may fix some issues (e.g. side channels) but leaves open the probabilistic pathway (i.e. "guess the tag"), a hole MTE isn't designed to close; so a software breach on top of a chip with EMTE can't necessarily be argued to be a violation of the hardware's security properties, even though it exploits that architectural hole.
In contrast, CHERI and OMA (Object Memory Architecture) both provide hardware-enforced guarantees of memory safety properties, unbreakable even if the attacker has perfect knowledge, and backed by formal proofs of these claims.
CHERI offers referential and spatial safety as hardware guarantees, with temporal being achievable in software. OMA offers referential, spatial and temporal safety as hardware guarantees.
Yeah the current closed nature of OMA means there's limited information at present. I am working on publishing more over the next year. It is essential the wider community starts to get access to at least the modified RISC-V ISA, to independently validate the security claims.
Sometimes the perfect is the enemy of the good; none of the memory-tagging solutions has achieved widespread mainstream adoption outside iDevices.
Google apparently doesn't want to anger Android OEMs by making it a hard Android requirement, so it remains a Pixel-only feature.
CHERI and OMA will still take years to reach mainstream adoption, if they ever do.
I had hopes for whatever Microsoft was doing with CHERIoT to eventually come to Windows in some fashion, but the best that seems to have happened is the adoption of Pluton in Copilot+ PCs, which serves a different purpose anyway.
You can see the appeal of not needing to go through all the issues, complexity and costs that entails.
You can have a memory safe Linux userland today in stock hardware. https://fil-c.org/pizlix
That's likely to be true in embedded also, just because of the relationship between volume and performance in silicon. Fil-C runs on the high volume stuff, so it'll get better perf.
CHERI doubles the size of pointers, so it's not like it has a decisive advantage over Fil-C.
Also, the fact that you presume I don't have access to CHERI hardware should tell you a lot about how likely CHERI is to ever succeed.
Are all possible memory problems checked, which to me include those listed in https://matu3ba.github.io/articles/optimal_debugging/#practi... (OOB, null, type confusion, integer overflow, invalid stack access, UUM, data races, illegal aliasing/provenance, stack overflows, ..) ?
There’s so much perf on the table that I haven’t claimed yet.
I’m just focusing on other things most of the time, like right now I want to actually make a super easy to install memory safe sshd distro.
The perf is more than good enough for that so that’s just a thing I should ship
All of the things you list are either checked or they’re given some kind of safe semantics. Like some kinds of type confusion are just fine and need to work (like int to float bit casts)
That is amazing and looks like an excellent first use case.
There are a lot of x86 boxes out there. Is Fil-C really faster on all of them vs. CHERI on Morello?
(Disclosure: I had a ~1GHz? atom mini-PC recently until it bricked. It could technically boot Windows 10 or Linux, but it was not fast.)
Do you think that MTE will make an Apple M5 slower than an Atom as well?
Heh. I don't doubt it. Just like RISC-V in QEMU on an x86 box is faster than any RISC-V core that anyone can get their hands on ... but only so far.
It's not, actually.
Fil-C is more compatible with C/C++ than CHERI, because Fil-C doesn't change `sizeof(void*)`.
Fil-C is more compatible in the sense that I can get CPython to work in Fil-C and to my knowledge it doesn't work on CHERI.
Fil-C also has an actual story for use-after-free. CHERI's story is super weak
This also means Fil-C doesn't really seem to help when a program uses its own allocator on top of malloc() or OS page allocation, while with CHERI this works naturally through capability restriction.
The fact that InvisiCaps don’t support capability restriction is a choice though. I could have made them support that feature. I didn’t because I’m going for C/C++ compatibility and the only way to make meaningful use of capability restriction is to change people’s code.
Worth noting that if a program has its own allocator then you have to make more than zero changes in both Fil-C and in CHERI to get the benefit:
- In fil-C you just get rid of the custom allocator.
- In CHERI you make the allocator do capability restriction, which is actually kinda hard to get right (if the allocator’s metadata doesn’t also do capability restriction and the allocator uses inline free lists then that could easily turn into a full blown capability escape).
MicroPython has been ported though. What makes CPython special, so it couldn't be ported?
> Fil-C also has an actual story for use-after-free. CHERI's story is super weak
Indeed, CHERI does not always trap on use-after-free if the program is fast enough: a freed memory object is kept alive until a sweeper thread has found all pointers to the object and invalidated them.
If I understood the paper right, Cornucopia-Reloaded does invalidate a capability directly when loaded if the pointed-to page is marked free. Therefore, any allocation of at least a page should have no use-after-free.
I don't know, but I'm guessing it's the pointer shenanigans that happen in the CPython bytecode.
He had previously co-founded the CPU startup VyperCore, which had been based around technology in his PhD thesis at the University of Bristol. The startup folded earlier this year.[1]
VyperCore's main selling point was that having garbage collection in hardware could run managed languages faster, and with less energy. Apparently they came as far as running code in FPGA. Except for the object-addressing hardware, it was based on a RISC-V core.
I wonder which assets (patents and other) that the new company has been able to get from the old.
Both companies were/are apparently targeting the data centre first... which I think is a bit bold, TBH. I follow RISC-V, and have seen maybe a dozen announcements of designs for wide-issue cores that on paper could have been competitive with AMD and Intel ... if only they had been manufactured in a competitive process. But that would require significant investment.
1. https://ednutting.substack.com/p/vypercore-failed
(And a very good question, to be answered at a later stage.)
I hope you succeed. I also thank you for a detailed write-up that listed good offerings from your competitors. That's more honest and fair than most startup writing. ;)
With compute-oriented hardware, have you considered making a prepackaged, multicore version that runs on Amazon F1 FPGA's? Then, anyone could test or use it in the cloud.
That would be too expensive for basic, web/app servers to use. However, some companies might use it for database, key servers, or (defense market) high-speed guards which already cost a fortune.
With FPGA's, one might also make load balancers with firewalls and SSL acceleration because they'd be comparing the price to SSL accelerators. Also, gateways for AI interactions which are in high demand right now.
Just some ideas for you to toy with.
what is this supposed to mean? like a whole new isa + kernel + userland?
Unless the CPU hardware becomes some kind of hybrid monster with both OMA and traditional paged MMU, you will need to make changes to the kernel. You may be able to emulate some of the kernel's page table shenanigans with the object-based system, but I don't think that the kernel's C code is typically 'well-formed'. It's probably a lot of engineering effort to make the necessary kernel changes, but so are all those complex kernel hardening efforts that hardware-level memory security like OMA would render moot.
Perhaps unintentionally, RISC-V provides more flexibility to kernel developers by also including a physical memory protection unit that can run underneath and simultaneously with the MMU. This can make it far cheaper to switch memory protection on and off for arbitrarily sized areas of physical memory since this capability is no longer needlessly coupled to expensive memory remapping operations. Kernels can move away from the typical “process is its own virtual computer” model, and towards things closer to single address space designs or some middle ground between the two.
[1]: https://docs.riscv.org/reference/isa/_attachments/riscv-priv...
Maybe segments weren't such a bad thing.