Picking a CHERI Allocator: Security and Performance Considerations

March 27, 2023 Β· Declared Dead Β· πŸ› International Symposium on Mathematical Morphology and Its Application to Signal and Image Processing

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Jacob Bramley, Dejice Jacob, Andrei Lascu, Jeremy Singer, Laurence Tratt arXiv ID 2303.15130 Category cs.SE: Software Engineering Cross-listed cs.CR, cs.PL Citations 11 Venue International Symposium on Mathematical Morphology and Its Application to Signal and Image Processing Last Checked 4 months ago
Abstract
Several open-source memory allocators have been ported to CHERI, a hardware capability platform. In this paper we examine the security and performance of these allocators when run under CheriBSD on Arm's experimental Morello platform. We introduce a number of security attacks and show that all but one allocator are vulnerable to some of the attacks - including the default CheriBSD allocator. We then show that while some forms of allocator performance are meaningful, comparing the performance of hybrid and pure capability (i.e. 'running in non-CHERI vs. running in CHERI modes') allocators does not appear to be meaningful. Although we do not fully understand the reasons for this, it seems to be at least as much due to factors such as immature compiler toolchains as it is due to the effects of capabilities on hardware.
Community shame:
Not yet rated
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Software Engineering

Died the same way β€” πŸ‘» Ghosted