Sponsored Post: Keep Your App’s Memory Safe with Arm Memory Tagging Extension (MTE)

Subtle memory bugs, including buffer overruns and pointer errors, create ticking time bombs inside your applications. Malicious actors can exploit these bugs to execute unauthorized code, take over systems to add them to malware botnets, or simply cause applications and systems to crash. The notorious Morris Worm of 1988 was one of the earliest examples of a malicious application exploiting a buffer overflow. Announcements of memory safety issues creating potential exploits arrive with alarming frequency, either from security researchers or found loose in the wild.

The impact on users can be substantial. Rogue applications can take advantage of unsafe memory in order to gain access to sniff out sensitive data, such as user credentials and passwords, enabling access to higher levels of privilege in the system. This allows bad actors to gain access to confidential data or make the system part of a larger botnet. It’s not always outside forces that cause problems – sometimes unsafe memory results in unpredictable system crashes due to memory leaks and related issues, frustrating users. It’s estimated that two-thirds of all Android vulnerabilities happen due to unsafe memory practices.

Arm Memory Tagging Extension

Software-based solutions, including Address Sanitizer (Asan), help mitigate these memory issues by integrating memory corruption detection into modern compilers. However, Asan requires adding software instrumentation to application code, which can significantly slow down app runtime and increase memory usage, particularly problematic in mobile and embedded systems.

What’s needed is a solution to detect and minimize memory bugs with minimal impact on performance and memory use. Properly implementing a hardware-based method for detecting potentially unsafe memory usage results in smaller memory usage and better performance, while improving system reliability and security.

Arm introduced its memory tagging extension as a part of the Armv8.5 instruction set. MTE is now built into Armv9 compliant CPUs recently announced by Arm, such as the Cortex-X2, Cortex-A710, and Cortex-A510. Future CPUs based on Armv9 will also integrate MTE. These all include memory tagging as a basic part of the architecture.