Memory Integrity Enforcement Changes the Game on iOS

For journalists, lawyers, activists, politicians, executives, and other high-profile figures, the most relevant new feature from Apple's latest product launch wasn't highly advertised at all. Rather, it was announced in a September 9th post on the Apple Security Research blog.

Memory Integrity Enforcement (MIE) is a security enhancement present in the A19 System-on-Chip (SoC) series (iPhone 17, iPhone Air) which combines existing memory safety defenses in iOS with ARM's Memory Tagging Extension (MTE).
What is MTE?
MTE is an SoC hardware feature originally built by ARM as a debugging tool for app developers. Apps need to store data in your phone or computer's memory (RAM), and they reserve this space in RAM through a process called memory allocation. Unfortunately, these allocations are often not validated, and apps can inadvertently (or maliciously) access memory outside of what they've been allocated, through a variety of methods.
MTE is essentially a system which informs the developer and the operating system when this happens. When MTE is in use, every memory allocation is tagged with a secret. Then, the hardware ensures that every future request from an app to access that memory allocation is only granted if the request contains that same secret.
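
The tag check described above, modeled in software as an added example (it is not Apple's or ARM's code). The 4-bit tag, 16-byte granule and tag-in-pointer layout follow MTE; the bump allocator, sequential tags, clear-on-free policy and the model_* names are assumptions made for a repeatable demo.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Software model only: real MTE performs this check in hardware. */
#define GRANULE   16                 /* MTE tags memory in 16-byte granules */
#define HEAP_SIZE 256
#define TAG_SHIFT 56                 /* 4-bit tag lives in pointer bits 56-59 */
#define ADDR_MASK ((1ULL << TAG_SHIFT) - 1)

static uint8_t heap[HEAP_SIZE];
static uint8_t granule_tag[HEAP_SIZE / GRANULE];   /* 0 = not allocated */
static uint8_t next_tag = 1;
static size_t next_off = 0;

/* Hypothetical bump allocator: tags the granules, returns offset | tag. */
uint64_t model_alloc(size_t size) {
    size_t n = (size + GRANULE - 1) / GRANULE;
    if (size == 0 || next_off + n * GRANULE > HEAP_SIZE) return 0;
    uint8_t tag = next_tag;
    next_tag = (uint8_t)(next_tag % 15 + 1);   /* sequential 1..15, assumed for the demo */
    for (size_t i = 0; i < n; i++) granule_tag[next_off / GRANULE + i] = tag;
    uint64_t p = ((uint64_t)tag << TAG_SHIFT) | next_off;
    next_off += n * GRANULE;
    return p;
}

/* Freeing clears the granule tags so stale pointers stop matching. */
void model_free(uint64_t p, size_t size) {
    size_t first = (size_t)(p & ADDR_MASK) / GRANULE;
    for (size_t i = 0; i < (size + GRANULE - 1) / GRANULE; i++) granule_tag[first + i] = 0;
}

/* The tag check: returns 1 and reads the byte on a match, 0 on a tag fault. */
int model_load(uint64_t p, size_t index, uint8_t *out) {
    uint64_t addr = (p & ADDR_MASK) + index;
    uint8_t ptr_tag = (uint8_t)((p >> TAG_SHIFT) & 0xF);
    if (addr >= HEAP_SIZE || granule_tag[addr / GRANULE] != ptr_tag) return 0;
    *out = heap[addr];
    return 1;
}

int main(void) {
    uint8_t v;
    uint64_t a = model_alloc(24), b = model_alloc(16);   /* neighbours, different tags */
    printf("in bounds:      %d\n", model_load(a, 0, &v));
    printf("overflow to b:  %d\n", model_load(a, 32, &v));
    model_free(a, 24);
    printf("use after free: %d\n", model_load(a, 0, &v));
    (void)b;
    return 0;
}
```

Because tags apply per 16-byte granule, an access at index 24 to 31 of the 24-byte allocation still passes in this model; the check catches accesses that cross into a differently tagged granule.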