We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs
< prev | next >
new | recent | 2303

Change to browse by:

cs.CR
cs.PL
cs.SE

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Computer Science > Software Engineering

Title: Picking a CHERI Allocator: Security and Performance Considerations

Authors: Jacob Bramley, Dejice Jacob, Andrei Lascu, Jeremy Singer, Laurence Tratt
(Submitted on 27 Mar 2023 (v1), last revised 15 May 2023 (this version, v2))
Abstract: Several open-source memory allocators have been ported to CHERI, a hardware capability platform. In this paper we examine the security and performance of these allocators when run under CheriBSD on Arm's experimental Morello platform. We introduce a number of security attacks and show that all but one allocator are vulnerable to some of the attacks - including the default CheriBSD allocator. We then show that while some forms of allocator performance are meaningful, comparing the performance of hybrid and pure capability (i.e. 'running in non-CHERI vs. running in CHERI modes') allocators does not appear to be meaningful. Although we do not fully understand the reasons for this, it seems to be at least as much due to factors such as immature compiler toolchains as it is due to the effects of capabilities on hardware.
Subjects: Software Engineering (cs.SE); Cryptography and Security (cs.CR); Programming Languages (cs.PL)
DOI: 10.1145/3591195.3595278
Cite as: arXiv:2303.15130 [cs.SE]
  (or arXiv:2303.15130v2 [cs.SE] for this version)

Submission history

From: Andrei Lascu [view email]
[v1] Mon, 27 Mar 2023 12:05:19 GMT (133kb,D)
[v2] Mon, 15 May 2023 15:16:32 GMT (1714kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.