[$] CHERI with a Linux on top

The CapabilityHardware Enhanced RISC Instructions (CHERI) project is a rethinking ofcomputer architecture in order to improve system security. Carl Shaw gavea presentation atLinuxSecurity Summit Europe (LSS EU) about CHERI and the efforts to getLinux running on it. He introduced capabilities,which are a mechanism for access control, and outlined theirhistory, which goes back many decades at this point, then looked morespecifically at the CHERI project and what it will take to apply thesecurity constraints of capabilities to an operating system like Linux.