Picking a CHERI Allocator: Security and Performance Considerations. (arXiv:2303.15130v2 [cs.SE] UPDATED)

Several open-source memory allocators have been ported to CHERI, a hardware
capability platform. In this paper we examine the security and performance of
these allocators when run under CheriBSD on Arm's experimental Morello
platform. We introduce a number of security attacks and show that all but one
allocator are vulnerable to some of the attacks - including the default
CheriBSD allocator. We then show that while some forms of allocator performance
are meaningful, comparing the performance of hybrid and pure …

arm attacks cheri hardware memory performance picking platform run security under